Merge branch 'PHP-7.1' into PHP-7.2

nikic · nikic · commit 3a236d0587aa · 2018-07-02T17:59:15.000+02:00
diff --git a/NEWS b/NEWS
@@ -21,7 +21,7 @@ PHP                                                                        NEWS
     non-blocking). (Nikita)
 
 - GMP:
-  . Fixed bug #76470 (Integer Underflow when unserializing GMP and possible
+  . Fixed bug #74670 (Integer Underflow when unserializing GMP and possible
     other classes). (Nikita)
 
 - intl:
diff --git a/ext/standard/tests/serialize/bug70436.phpt b/ext/standard/tests/serialize/bug70436.phpt
@@ -25,7 +25,7 @@ $fakezval .= "\x01";
 $fakezval .= "\x00";
 $fakezval .= "\x00\x00";
 
-$inner = 'C:3:"obj":3:{ryat';
+$inner = 'C:3:"obj":3:{rya}';
 $exploit = 'a:4:{i:0;i:1;i:1;C:3:"obj":'.strlen($inner).':{'.$inner.'}i:2;s:'.strlen($fakezval).':"'.$fakezval.'";i:3;R:5;}';
 
 $data = unserialize($exploit);
@@ -48,8 +48,6 @@ DONE
 --EXPECTF--
 Notice: unserialize(): Error at offset 0 of 3 bytes in %sbug70436.php on line %d
 
-Notice: unserialize(): Error at offset 16 of 17 bytes in %sbug70436.php on line %d
-
 Notice: unserialize(): Error at offset 93 of 94 bytes in %sbug70436.php on line %d
 bool(false)
 DONE
