phpserialize
phpserialize copied to clipboard
Fix index out of bounds panic
Previously, DecodePHPString
could panic on this line due to the index being out bounds: https://github.com/elliotchance/phpserialize/blob/5bb5ecfe1e06ac452fc9ee460c8ae2674465e0ef/unserialize.go#L29
This fixes that.
Can you provide a test that was causing this panic?
Sure, I'll try to dig up the data that caused this. But you can also see from that line that it's possible for this to happen. Do you need that test in order to merge this?
Yes, if the last character is a \\
(which is a mangled input anyway?). However, if the last character is not it shouldn't be skipped. So the protection needs to be conditional as well.