1--TEST-- 2Bug #72663: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization 3--FILE-- 4<?php 5class obj { 6 var $ryat; 7 function __wakeup() { 8 $this->ryat = str_repeat('A', 0x112); 9 } 10} 11 12$poc = 'O:8:"stdClass":1:{i:0;O:3:"obj":1:{s:4:"ryat";R:1;'; 13unserialize($poc); 14?> 15DONE 16--EXPECTF-- 17Notice: unserialize(): Error at offset 50 of 50 bytes in %sbug72663_3.php on line %d 18DONE 19
