1--TEST--
2SPL: Test that serialized blob contains unique elements (CVE-2010-2225)
3--FILE--
4<?php
5
6$badblobs = array(
7'x:i:2;i:0;,i:1;;i:0;,i:2;;m:a:0:{}',
8'x:i:3;O:8:"stdClass":0:{},O:8:"stdClass":0:{};R:2;,i:1;;O:8:"stdClass":0:{},r:2;;m:a:0:{}',
9'x:i:3;O:8:"stdClass":0:{},O:8:"stdClass":0:{};r:2;,i:1;;O:8:"stdClass":0:{},r:2;;m:a:0:{}',
10'x:i:1;O:8:"stdClass":0:{},N;;m:s:40:"1234567890123456789012345678901234567890"',
11);
12foreach($badblobs as $blob) {
13try {
14  $so = new SplObjectStorage();
15  $so->unserialize($blob);
16  var_dump($so);
17} catch(UnexpectedValueException $e) {
18    echo $e->getMessage()."\n";
19}
20}
21echo "DONE\n";
22?>
23--EXPECTF--
24Error at offset 6 of 34 bytes
25Error at offset 46 of 89 bytes
26object(SplObjectStorage)#2 (1) {
27  ["storage":"SplObjectStorage":private]=>
28  array(2) {
29    ["%s"]=>
30    array(2) {
31      ["obj"]=>
32      object(stdClass)#3 (0) {
33      }
34      ["inf"]=>
35      int(1)
36    }
37    ["%s"]=>
38    array(2) {
39      ["obj"]=>
40      object(stdClass)#1 (0) {
41      }
42      ["inf"]=>
43      object(stdClass)#3 (0) {
44      }
45    }
46  }
47}
48Error at offset 78 of 78 bytes
49DONE
50