HEX
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
System: Linux f17.eelserver.com 3.10.0-1160.80.1.el7.x86_64 #1 SMP Tue Nov 8 15:48:59 UTC 2022 x86_64
User: zulfiqar (1155)
PHP: 8.2.0
Disabled: mail, exec, system, popen, proc_open, shell_exec, passthru, show_source
$ pwd: /usr/local/src/apcu-5.1.19/tests/
Upload Files
File: //usr/local/src/apcu-5.1.19/tests/bug76145.phpt
--TEST--
Bug #76145: Data corruption reading from APCu while unserializing
--INI--
apc.enabled=1
apc.enable_cli=1
--FILE--
<?php

class Session implements \Serializable
{
  public $session;
  public function unserialize($serialized) { $this -> session = apcu_fetch('session'); }
  public function serialize() { return ''; }
}

// Create array representing a session associated with a user
// account that is enabled but has not been authenticated.
$session = ['user' => ['enabled' => True], 'authenticated' => False];
$session['user']['authenticated'] = &$session['authenticated'];

apcu_store('session', $session);

// After serializing / deserializing, session checks out as authenticated.
print unserialize(serialize(new Session())) -> session['authenticated'] === True ? 'Authenticated.' : 'Not Authenticated.';

?>
--EXPECT--
Not Authenticated.
@ Telegram