Merge pull request #431 from tmilos/erroneous_unserialize

Erroneous data format for unserializing #430

composer.json

@@ -16,7 +16,8 @@
         "jms/metadata": "~1.1",
         "jms/parser-lib": "1.*",
         "phpcollection/phpcollection": "~0.1",
-        "doctrine/annotations": "1.*"
+        "doctrine/annotations": "1.*",
+        "doctrine/instantiator": "~1.0.3"
     },
     "suggest": {
         "symfony/yaml": "Required if you'd like to serialize data to YAML format."

src/JMS/Serializer/Construction/UnserializeObjectConstructor.php

@@ -18,14 +18,30 @@
 
 namespace JMS\Serializer\Construction;
 
+use Doctrine\Instantiator\Instantiator;
 use JMS\Serializer\VisitorInterface;
 use JMS\Serializer\Metadata\ClassMetadata;
 use JMS\Serializer\DeserializationContext;
 
 class UnserializeObjectConstructor implements ObjectConstructorInterface
 {
+    /** @var Instantiator  */
+    private $instantiator;
+
     public function construct(VisitorInterface $visitor, ClassMetadata $metadata, $data, array $type, DeserializationContext $context)
     {
-        return unserialize(sprintf('O:%d:"%s":0:{}', strlen($metadata->name), $metadata->name));
+        return $this->getInstantiator()->instantiate($metadata->name);
+    }
+
+    /**
+     * @return Instantiator
+     */
+    private function getInstantiator()
+    {
+        if (null == $this->instantiator) {
+            $this->instantiator = new Instantiator();
+        }
+
+        return $this->instantiator;
     }
 }