Uploaded image for project: 'Doctrine 2 - ORM'
  1. Doctrine 2 - ORM
  2. DDC-3120

Warning: Erroneous data format for unserializing PHP5.6+

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: Git Master
    • Fix Version/s: 2.5, 2.4.6
    • Component/s: ORM
    • Security Level: All
    • Labels:
    • Environment:
      Webserver Apache/2.4.7 (Win32) OpenSSL/1.0.1e PHP/5.6.0beta2

      and

      PHP-CLI (Win32) PHP/5.6.0beta2

      Description

      Hi all,

      There seems to be something strange going on in the method newInstance() of the class \Doctrine\ORM\Mapping\ClassMetadataInfo.

      The original class method looks like this:

      \Doctrine\ORM\Mapping\ClassMetadataInfo#newInstance()

          {
              if ($this->_prototype === null) {
                  $this->_prototype = unserialize(sprintf('O:%d:"%s":0:{}', strlen($this->name), $this->name));
              }
      
              return clone $this->_prototype;
          }
      

      What happens now when a class that implements \Serializable is that a "Warning: Erroneous data format for unserializing" shows up and the function unserialize() returns false.

      That is because a class that implements \Serializable is expected to have the letter 'C' in the serialize string instead of the letter 'O'.

      I've made a quick work-around like this:

      \Doctrine\ORM\Mapping\ClassMetadataInfo#newInstance()

          {
              if ($this->_prototype === null) {
                  $this->_prototype = @unserialize(sprintf('O:%d:"%s":0:{}', strlen($this->name), $this->name));
                  if ($this->_prototype === false) {
                      $this->_prototype = unserialize(sprintf('C:%d:"%s":0:{}', strlen($this->name), $this->name));
                  }
              }
      
              return clone $this->_prototype;
          }
      

      That seems to work in my isolated tests and with Symfony2 and Doctrine2 and FOSUserBundle together.

      I've noticed this because the Model\User class from FOSUserBundle implements \Serializable.

      I had to implement a check in Model\User class because when using 'C:%d:"%s":0:{}' the $serialized parameter of the unserialize method in the Model\User class is a empty string then.

      That warning seems only to happen with PHP5.6+. PHP5.5.12 and below doesn't show that warning.

      I hope someone can shine some light on this, thank you,

      Cornelis.

        Issue Links

          Activity

          Hide
          doctrinebot Doctrine Bot added a comment -

          A related Github Pull-Request [GH-1109] was assigned:
          https://github.com/doctrine/doctrine2/pull/1109

          Show
          doctrinebot Doctrine Bot added a comment - A related Github Pull-Request [GH-1109] was assigned: https://github.com/doctrine/doctrine2/pull/1109
          Hide
          dominik.zogg@gmail.com Dominik Zogg added a comment -

          @ocramius would be great if there where backports for 2.4 and 2.3

          Show
          dominik.zogg@gmail.com Dominik Zogg added a comment - @ocramius would be great if there where backports for 2.4 and 2.3
          Hide
          r1pp3rj4ck Attila Bukor added a comment -

          I agree with Dominik, we'd like to use the latest stable version and would need this patch.

          Show
          r1pp3rj4ck Attila Bukor added a comment - I agree with Dominik, we'd like to use the latest stable version and would need this patch.
          Hide
          ocramius Marco Pivetta added a comment -

          This has been backported in DDC-3339

          Show
          ocramius Marco Pivetta added a comment - This has been backported in DDC-3339
          Hide
          sysko sysko added a comment -
          Show
          sysko sysko added a comment - I still have this error even 2.5.0+ and PHP5.6+ https://travis-ci.org/allan-simon/oauth2-symfony2-vagrant-fosuserbundle/jobs/62429219

            People

            • Assignee:
              ocramius Marco Pivetta
              Reporter:
              techkey Cornelis Brouwers
            • Votes:
              0 Vote for this issue
              Watchers:
              14 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: