From c0dee3b7e3980903ec2b836e8bcb299fca061d7d Mon Sep 17 00:00:00 2001
From: Demian Katz <demian.katz@villanova.edu>
Date: Tue, 16 Feb 2016 12:37:25 -0500
Subject: [PATCH] Validate unserialized data to avoid "member call on
 non-object."

---
 module/VuFind/src/VuFind/Db/Row/Search.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/module/VuFind/src/VuFind/Db/Row/Search.php b/module/VuFind/src/VuFind/Db/Row/Search.php
index 718035c5c67..f7f7451b96f 100644
--- a/module/VuFind/src/VuFind/Db/Row/Search.php
+++ b/module/VuFind/src/VuFind/Db/Row/Search.php
@@ -58,7 +58,11 @@ class Search extends RowGateway
         // Resource check for PostgreSQL compatibility:
         $raw = is_resource($this->search_object)
             ? stream_get_contents($this->search_object) : $this->search_object;
-        return unserialize($raw);
+        $result = unserialize($raw);
+        if (!($result instanceof \VuFind\Search\Minified)) {
+            throw new \Exception('Problem decoding saved search');
+        }
+        return $result;
     }
 
     /**
-- 
GitLab