[Bug 310845] Re: php5 serialize() function corrupt strings
Onno Benschop
onno at itmaze.com.au
Tue Dec 23 23:37:59 GMT 2008
This is not a fail.
I think you misunderstand what serialize() does. The purpose is to
encapsulate the content of an object - be it a string, array or class -
and store it in a single string variable.
The PHP manual says this about serialize():
"Returns a string containing a byte-stream representation of value that
can be stored anywhere."
If you want to pass the serialised bytes around, then you need to either
URL-encode them, or store it as a binary string.
I am closing this as an invalid bug and removing the security team.
** Changed in: php5 (Ubuntu)
Status: New => Invalid
--
php5 serialize() function corrupt strings
https://bugs.launchpad.net/bugs/310845
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list