php-serialize 1.3.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c1e2ab051accee52d022349801a297fbaa81c21ea025123291ebccb44cf3a28d
-  data.tar.gz: cceaed0eab97b037777dd37cb2c50f6e98e3d6b0c1a5f3f9f9f9cb9f392a7c5b
+  metadata.gz: 5ad6d644735d6cf8749b281aa1bb0135fd383d69afa7bdcd8474da2080fb35b3
+  data.tar.gz: 290687c9212981d99039eb169a7cb3dd6817714dc4ac670c11e79485de202b6f
 SHA512:
-  metadata.gz: ac582a23b37c737ecd86ffe611af1a5cb569a96462da61f77932dafd7450a7748dbd7155926008b6dda7ee36ca9ccdcc5844eb5f0ccb72670b65570a7bcac731
-  data.tar.gz: 337d048bc1c69c7ad52553d160d0c591ab9231a4ed6b0bd8f52ae6498e2e1f9d8817b6e3278f5a417e3217b3b548114515f7a059a9e9d7b94e23c86b83d6327c
+  metadata.gz: a806b59eeae1a7aeae84d38bad946173eb7245ba5819ab807e7d2fa6543444a90600eec81ba769252389ef16b9d4be213aaf79e484c3880da44c5bd30a2c542d
+  data.tar.gz: '096e7d3642c2c2eb85a324422f133d40753244d17df87fa84d4d9328b0fb3da1b185af0f0edd9de3282488192bdff29e8bf31e292609c78f44ec6d4c76b52ec9'

data/lib/php_serialize.rb

@@ -163,19 +163,20 @@ module PHP
 		classmap ||= {}
 
 		ret = nil
-		string = StringIOReader.new(string)
+		original_encoding = string.encoding
+		string = StringIOReader.new(string.force_encoding('BINARY'))
 		while string.string[string.pos, 32] =~ /^(\w+)\|/ # session_name|serialized_data
 			ret ||= {}
 			string.pos += $&.size
-			ret[$1] = PHP.do_unserialize(string, classmap, assoc)
+			ret[$1] = PHP.do_unserialize(string, classmap, assoc, original_encoding)
 		end
 
-		ret || PHP.do_unserialize(string, classmap, assoc)
+		ret || PHP.do_unserialize(string, classmap, assoc, original_encoding)
 	end
 
 	private
 
-	def PHP.do_unserialize(string, classmap, assoc)
+	def PHP.do_unserialize(string, classmap, assoc, original_encoding)
 		val = nil
 		# determine a type
 		type = string.read(2)[0,1]
@@ -184,7 +185,7 @@ module PHP
 				count = string.read_until('{').to_i
 				val = Array.new
 				count.times do |i|
-					val << [do_unserialize(string, classmap, assoc), do_unserialize(string, classmap, assoc)]
+					val << [do_unserialize(string, classmap, assoc, original_encoding), do_unserialize(string, classmap, assoc, original_encoding)]
 				end
 				string.read(1) # skip the ending }
 
@@ -200,6 +201,12 @@ module PHP
 					i += 1
 				end
 
+				val = val.map { |tuple|
+					tuple.map { |it|
+						it.kind_of?(String) ? it.force_encoding(original_encoding) : it
+					}
+				}
+
 				if array
 					val.map! {|_,value| value }
 				elsif !assoc
@@ -216,8 +223,8 @@ module PHP
 				len = string.read_until('{').to_i
 
 				len.times do
-					attr = (do_unserialize(string, classmap, assoc))
-					attrs << [attr.intern, (attr << '=').intern, do_unserialize(string, classmap, assoc)]
+					attr = (do_unserialize(string, classmap, assoc, original_encoding))
+					attrs << [attr.intern, (attr << '=').intern, do_unserialize(string, classmap, assoc, original_encoding)]
 				end
 				string.read(1)
 
@@ -245,7 +252,7 @@ module PHP
 
 			when 's' # string, s:length:"data";
 				len = string.read_until(':').to_i + 3 # quotes, separator
-				val = string.read(len)[1...-2] # read it, kill useless quotes
+				val = string.read(len)[1...-2].force_encoding(original_encoding) # read it, kill useless quotes
 
 			when 'i' # integer, i:123
 				val = string.read_until(';').to_i

data/test/php_serialize_test.rb

@@ -76,7 +76,9 @@ class TestPhpSerialize < Test::Unit::TestCase
   # PHP counts multibyte string, not string length
   def test_multibyte_string
     assert_equal  "s:6:\"öäü\";", PHP.serialize("öäü")
+    assert_equal PHP.unserialize("s:6:\"öäü\";"), "öäü"
   end
+
 	# Verify assoc is passed down calls.
 	# Slightly awkward because hashes don't guarantee order.
 	def test_assoc
@@ -94,6 +96,24 @@ class TestPhpSerialize < Test::Unit::TestCase
 		end
 	end
 
+	# Multibyte version.
+	# Verify assoc is passed down calls.
+	# Slightly awkward because hashes don't guarantee order.
+	def test_assoc_multibyte
+		assert_nothing_raised do
+			ruby = {'ああ' => ['öäü','漢字'], 'hash' => {'おはよう' => 'smoke'}}
+			ruby_assoc = [['ああ', ['öäü','漢字']], ['hash', [['おはよう','smoke']]]]
+			phps = [
+				'a:2:{s:6:"ああ";a:2:{i:0;s:6:"öäü";i:1;s:6:"漢字";}s:4:"hash";a:1:{s:12:"おはよう";s:5:"smoke";}}',
+				'a:2:{s:4:"hash";a:1:{s:12:"おはよう";s:5:"smoke";}s:6:"ああ";a:2:{i:0;s:6:"öäü";i:1;s:6:"漢字";}}'
+			]
+			serialized = PHP.serialize(ruby, true)
+			assert phps.include?(serialized)
+			unserialized = PHP.unserialize(serialized, true)
+			assert_equal ruby_assoc.sort, unserialized.sort
+		end
+	end
+
 	def test_sessions
 		assert_nothing_raised do
 			ruby = {'session_id' => 42, 'user_data' => {'uid' => 666}}

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: php-serialize
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.4.0
 platform: ruby
 authors:
 - Thomas Hurst
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-02-19 00:00:00.000000000 Z
+date: 2024-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -53,7 +53,7 @@ homepage: https://github.com/jqr/php-serialize
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib/
@@ -68,8 +68,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.4.19
+signing_key:
 specification_version: 4
 summary: Ruby analogs to PHP's serialize() and unserialize() functions
 test_files: