1 files changed, 23 insertions, 0 deletions

diff --git a/ext/standard/tests/serialize/bug68594.phpt b/ext/standard/tests/serialize/bug68594.phpt
new file mode 100644
index 000000000..60fc7a76a
--- /dev/null
+++ b/ext/standard/tests/serialize/bug68594.phpt
@@ -0,0 +1,23 @@
+--TEST--
+Bug #68545 Use after free vulnerability in unserialize()
+--FILE--
+<?php
+for ($i=4; $i<100; $i++) {
+	$m = new StdClass();
+
+	$u = array(1);
+
+	$m->aaa = array(1,2,&$u,4,5);
+	$m->bbb = 1;
+	$m->ccc = &$u;
+	$m->ddd = str_repeat("A", $i);
+
+	$z = serialize($m);
+	$z = str_replace("bbb", "aaa", $z);
+	$y = unserialize($z);
+	$z = serialize($y);
+}
+?>
+===DONE===
+--EXPECTF--
+===DONE===