File: unserialize_allowed_classes_option_invalid_array.phpt

package info (click to toggle)
php8.4 8.4.11-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 208,108 kB
  • sloc: ansic: 1,060,628; php: 35,345; sh: 11,866; cpp: 7,201; pascal: 4,913; javascript: 3,091; asm: 2,810; yacc: 2,411; makefile: 689; xml: 446; python: 301; awk: 148
file content (61 lines) | stat: -rw-r--r-- 2,024 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
--TEST--
Test unserialize() with array allowed_classes and nonsensical values
--FILE--
<?php
class foo {
        public $x = "bar";
}
$z = array(new foo(), 2, "3");
$s = serialize($z);

try {
    unserialize($s, ["allowed_classes" => [null]]);
} catch (Throwable $e) {
    echo $e::class, ': ', $e->getMessage(), "\n";
}
try {
    unserialize($s, ["allowed_classes" => [false]]);
} catch (Throwable $e) {
    echo $e::class, ': ', $e->getMessage(), "\n";
}
try {
    unserialize($s, ["allowed_classes" => [true]]);
} catch (Throwable $e) {
    echo $e::class, ': ', $e->getMessage(), "\n";
}
try {
    unserialize($s, ["allowed_classes" => [42]]);
} catch (Throwable $e) {
    echo $e::class, ': ', $e->getMessage(), "\n";
}
try {
    unserialize($s, ["allowed_classes" => [15.2]]);
} catch (Throwable $e) {
    echo $e::class, ': ', $e->getMessage(), "\n";
}
try {
    unserialize($s, ["allowed_classes" => [[]]]);
} catch (Throwable $e) {
    echo $e::class, ': ', $e->getMessage(), "\n";
}
try {
    unserialize($s, ["allowed_classes" => [STDERR]]);
} catch (Throwable $e) {
    echo $e::class, ': ', $e->getMessage(), "\n";
}
try {
    unserialize($s, ["allowed_classes" => [new stdClass]]);
} catch (Throwable $e) {
    echo $e::class, ': ', $e->getMessage(), "\n";
}

?>
--EXPECT--
TypeError: unserialize(): Option "allowed_classes" must be an array of class names, null given
TypeError: unserialize(): Option "allowed_classes" must be an array of class names, false given
TypeError: unserialize(): Option "allowed_classes" must be an array of class names, true given
TypeError: unserialize(): Option "allowed_classes" must be an array of class names, int given
TypeError: unserialize(): Option "allowed_classes" must be an array of class names, float given
TypeError: unserialize(): Option "allowed_classes" must be an array of class names, array given
TypeError: unserialize(): Option "allowed_classes" must be an array of class names, resource given
Error: Object of class stdClass could not be converted to string