1--TEST-- 2Bug #71311 Use-after-free vulnerability in SPL(ArrayObject, unserialize) 3--FILE-- 4<?php 5$data = unserialize("C:11:\"ArrayObject\":11:{x:i:0;r:3;XX"); 6var_dump($data); 7?> 8--EXPECTF-- 9Fatal error: Uncaught UnexpectedValueException: Error at offset 10 of 11 bytes in %s%ebug71311.php:2 10Stack trace: 11#0 [internal function]: ArrayObject->unserialize('x:i:0;r:3;X') 12#1 %s%ebug71311.php(2): unserialize('%s') 13#2 {main} 14 thrown in %s%ebug71311.php on line 2 15 16 17