1--TEST-- 2Bug #69152: Type Confusion Infoleak Vulnerability in unserialize() 3--FILE-- 4<?php 5$x = unserialize('O:9:"exception":1:{s:16:"'."\0".'Exception'."\0".'trace";s:4:"ryat";}'); 6echo $x; 7$x = unserialize('O:4:"test":1:{s:27:"__PHP_Incomplete_Class_Name";R:1;}'); 8$x->test(); 9 10?> 11--EXPECTF-- 12Notice: Undefined property: Exception::$previous in %s on line %d 13exception 'Exception' in %s:%d 14Stack trace: 15#0 {main} 16 17Fatal error: main(): The script tried to execute a method or access a property of an incomplete object. Please ensure that the class definition "unknown" of the object you are trying to operate on was loaded _before_ unserialize() gets called or provide a __autoload() function to load the class definition in %s on line %d 18