Fix index out of range (#26)

If the string only contains a backslash.

Author: yxing-xyz

unserialize.go

@@ -26,24 +26,28 @@ func DecodePHPString(data []byte) string {
 	var buffer bytes.Buffer
 	for i := 0; i < len(data); i++ {
 		if data[i] == '\\' {
-			switch data[i+1] {
-			case 'x':
-				b, _ := strconv.ParseInt(string(data[i+2:i+4]), 16, 32)
-				buffer.WriteByte(byte(b))
-				i += 3
-
-			case 'n':
-				buffer.WriteByte('\n')
-				i++
-
-			case '\'':
-				buffer.WriteByte(data[i+1])
-				i++
-
-			default:
-				// It's a bit annoying but a backlash itself is not escaped. So
-				// if it was not followed by a known character we have to assume
-				// this.
+			if i+1 <= len(data)-1 {
+				switch data[i+1] {
+				case 'x':
+					b, _ := strconv.ParseInt(string(data[i+2:i+4]), 16, 32)
+					buffer.WriteByte(byte(b))
+					i += 3
+
+				case 'n':
+					buffer.WriteByte('\n')
+					i++
+
+				case '\'':
+					buffer.WriteByte(data[i+1])
+					i++
+
+				default:
+					// It's a bit annoying but a backlash itself is not escaped. So
+					// if it was not followed by a known character we have to assume
+					// this.
+					buffer.WriteByte('\\')
+				}
+			} else {
 				buffer.WriteByte('\\')
 			}
 		} else {

unserialize_test.go

@@ -233,6 +233,7 @@ func TestUnmarshalString(t *testing.T) {
 			nil,
 		},
 		"not a string": {[]byte("N;"), "", errors.New("not a string")},
+		"Backslash":    {[]byte("s:1:\"\\\";"), "\\", nil},
 	}
 
 	for testName, test := range tests {