Unserialize array with binary string fails #288

@florianguillaumin

Hello 👋

I tried using this library with serialized items containing binary strings and it failed.

My serialized string looks like this:

a:1:{s:10:\"\x9d\x18\x87\xe9\x05\x00\x00\x00\x0b_\";s:50:\"8:2:S:I:C:v:H:F:H:F:F:U:A940016A:02A555AA:AAAAAA80\";}

With PHP's unserialize, it does not crash.

Context

My serialized string is generated by Symfony Cache.

The first part of the array (\x9d\x18\x87\xe9\x05\x00\x00\x00\x0b_) is added by the cache component to store metadata information (expiration date). They are storing this information as a binary string using PHP's pack and unpack.

The relevant part for encoding is: Psr16Cache.php line 188

$values[$key] = ["\x9D".pack('VN', (int) (0.1 + $metadata[CacheItem::METADATA_EXPIRY] - self::METADATA_EXPIRY_OFFSET), $metadata[CacheItem::METADATA_CTIME])."\x5F" => $values[$key]];

and decoding: AbstractAdapter.php line 52-59

// Detect wrapped values that encode for their expiry and creation duration
// For compactness, these values are packed in the key of an array using
// magic numbers in the form 9D-..-..-..-..-00-..-..-..-5F
if (\is_array($v) && 1 === \count($v) && 10 === \strlen($k = (string) key($v)) && "\x9D" === $k[0] && "\0" === $k[5] && "\x5F" === $k[9]) {
  $item->value = $v[$k];
  $v = unpack('Ve/Nc', substr($k, 1, -1));
  $item->metadata[CacheItem::METADATA_EXPIRY] = $v['e'] + CacheItem::METADATA_EXPIRY_OFFSET;
  $item->metadata[CacheItem::METADATA_CTIME] = $v['c'];
}

Note: I did not find a way to fix this in your library (nor if this is fixable) so I don't use this anymore. But I thought maybe you know better 🙂
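
Added example (not part of the original issue and not the library's code): a byte-oriented Python reader for the `a:`/`s:`/`i:` subset of PHP's serialize format that takes the `s:N` length as a byte count, run on the issue's sample, followed by the key check from the decoding snippet above. The function names `parse` and `symfony_metadata` are hypothetical, and the expiry is returned without `METADATA_EXPIRY_OFFSET` because its value is not given on this page.

```python
# Sample payload copied from the issue; kept as bytes because it is not valid UTF-8.
SAMPLE = (b'a:1:{s:10:"\x9d\x18\x87\xe9\x05\x00\x00\x00\x0b_";'
          b's:50:"8:2:S:I:C:v:H:F:H:F:F:U:A940016A:02A555AA:AAAAAA80";}')

def _field(buf, pos, delim):
    """Read an ASCII integer up to delim; return (int, position after delim)."""
    end = buf.index(delim, pos)            # ValueError if delim is missing
    raw = buf[pos:end]
    if not raw.lstrip(b"-").isdigit():     # reject spaces, underscores, empty
        raise ValueError(f"bad number {raw!r} at offset {pos}")
    return int(raw), end + 1

def parse(buf, pos=0):
    """Parse the a:/s:/i: subset of PHP's serialize format from bytes.
    Returns (value, next_pos); raises ValueError on malformed input."""
    tag = buf[pos:pos + 2]
    if tag == b"i:":
        return _field(buf, pos + 2, b";")
    if tag == b"s:":
        n, pos = _field(buf, pos + 2, b":")
        end = pos + 1 + n
        # s:N is a BYTE count, so slice raw bytes and verify the closing quote.
        if n < 0 or buf[pos:pos + 1] != b'"' or buf[end:end + 2] != b'";':
            raise ValueError(f"bad string framing at offset {pos}")
        return buf[pos + 1:end], end + 2
    if tag == b"a:":
        n, pos = _field(buf, pos + 2, b":")
        if buf[pos:pos + 1] != b"{":
            raise ValueError(f"expected '{{' at offset {pos}")
        pos, out = pos + 1, {}
        for _ in range(n):
            key, pos = parse(buf, pos)
            if isinstance(key, dict):      # PHP array keys are int or string only
                raise ValueError("array used as array key")
            out[key], pos = parse(buf, pos)
        if buf[pos:pos + 1] != b"}":
            raise ValueError(f"expected '}}' at offset {pos}")
        return out, pos + 1
    raise ValueError(f"unsupported type tag {tag!r} at offset {pos}")

def symfony_metadata(value):
    """Apply the issue's decoding check (9D-..-00-..-5F key); None if not wrapped."""
    if not isinstance(value, dict) or len(value) != 1:
        return None
    key, inner = next(iter(value.items()))
    if not (isinstance(key, bytes) and len(key) == 10
            and key[0] == 0x9D and key[5] == 0x00 and key[9] == 0x5F):
        return None
    # unpack('Ve/Nc'): V = uint32 little-endian, N = uint32 big-endian.
    return {"expiry_raw": int.from_bytes(key[1:5], "little"),  # offset not added
            "ctime": int.from_bytes(key[5:9], "big"), "value": inner}
```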
