summaryrefslogtreecommitdiff
path: root/ext/standard/tests/serialize/bug72785.phpt
diff options
context:
space:
mode:
Diffstat (limited to 'ext/standard/tests/serialize/bug72785.phpt')
-rw-r--r--ext/standard/tests/serialize/bug72785.phpt24
1 files changed, 24 insertions, 0 deletions
diff --git a/ext/standard/tests/serialize/bug72785.phpt b/ext/standard/tests/serialize/bug72785.phpt
new file mode 100644
index 0000000000..8bcdf635f7
--- /dev/null
+++ b/ext/standard/tests/serialize/bug72785.phpt
@@ -0,0 +1,24 @@
+--TEST--
+Bug #72785: allowed_classes only applies to outermost unserialize()
+--FILE--
+<?php
+
+// Forbidden class
+class A {}
+
+$p = 'x:i:0;a:1:{i:0;O:1:"A":0:{}};m:a:0:{}';
+$s = 'C:11:"ArrayObject":' . strlen($p) . ':{' . $p . '}';
+var_dump(unserialize($s, ['allowed_classes' => ['ArrayObject']]));
+
+?>
+--EXPECT--
+object(ArrayObject)#1 (1) {
+ ["storage":"ArrayObject":private]=>
+ array(1) {
+ [0]=>
+ object(__PHP_Incomplete_Class)#2 (1) {
+ ["__PHP_Incomplete_Class_Name"]=>
+ string(1) "A"
+ }
+ }
+}
View Lorry Controller Status