Merge branch 'hotfix/9'

Close #9

Author: weierophinney

CHANGELOG.md

@@ -18,7 +18,10 @@ All notable changes to this project will be documented in this file, in reverse
 
 ### Fixed
 
-- Nothing.
+- [#9](https://github.com/zendframework/zend-serializer/pull/9) fixes the
+  behavior of the `PhpSerialize` adapter to raise an exception during
+  deserialization if the value is not serialized, restoring behavior to match
+  the other adapters.
 
 ## 2.7.1 - 2016-04-18
 

src/Adapter/PhpSerialize.php

@@ -64,8 +64,18 @@ public function serialize($value)
      */
     public function unserialize($serialized)
     {
-        if (!is_string($serialized) || !preg_match('/^((s|i|d|b|a|O|C):|N;)/', $serialized)) {
-            return $serialized;
+        if (! is_string($serialized) || ! preg_match('/^((s|i|d|b|a|O|C):|N;)/', $serialized)) {
+            $value = $serialized;
+            if (is_object($value)) {
+                $value = get_class($value);
+            } elseif (! is_string($value)) {
+                $value = gettype($value);
+            }
+
+            throw new Exception\RuntimeException(sprintf(
+                'Serialized data must be a string containing serialized PHP code; received: %s',
+                $value
+            ));
         }
 
         // If we have a serialized boolean false value, just return false;

test/Adapter/PhpSerializeTest.php

@@ -122,16 +122,47 @@ public function testUnserializeObject()
         $this->assertEquals($expected, $data);
     }
 
-    public function testUnserializingNonserializedStringReturnsItVerbatim()
+    public function invalidSerializationTypes()
     {
-        $value = 'not a serialized string';
-        $this->assertEquals($value, $this->adapter->unserialize($value));
+        return [
+            'null'       => [null, 'NULL'],
+            'true'       => [true, 'boolean'],
+            'false'      => [false, 'boolean'],
+            'zero'       => [0, 'int'],
+            'int'        => [1, 'int'],
+            'zero-float' => [0.0, 'double'],
+            'float'      => [1.1, 'double'],
+            'array'      => [['foo'], 'array'],
+            'object'     => [(object) ['foo' => 'bar'], 'stdClass'],
+        ];
     }
 
-    public function testUnserializingInvalidStringRaisesException()
+    /**
+     * @dataProvider invalidSerializationTypes
+     */
+    public function testUnserializingNoStringRaisesException($value, $expected)
     {
-        $value = 'a:foobar';
-        $this->setExpectedException('Zend\Serializer\Exception\RuntimeException');
+        $this->setExpectedException(
+            'Zend\Serializer\Exception\RuntimeException',
+            $expected
+        );
         $this->adapter->unserialize($value);
     }
+
+    public function invalidStrings()
+    {
+        return [
+            'not-serialized'        => ['foobar', 'foobar'],
+            'invalid-serialization' => ['a:foobar', 'Unserialization failed'],
+        ];
+    }
+
+    /**
+     * @dataProvider invalidStrings
+     */
+    public function testUnserializingInvalidStringRaisesException($string, $expected)
+    {
+        $this->setExpectedException(Serializer\Exception\RuntimeException::class, $expected);
+        $this->adapter->unserialize($string);
+    }
 }