ID: 25307 Updated by: [EMAIL PROTECTED] Reported By: cristea at pntcd dot ro Status: Verified Bug Type: Session related Operating System: any PHP Version: 4CVS-2003-08-29 (stable) New Comment:
This patch _seems_ to fix this bug: http://www.php.net/~jani/patches/bug25307.patch (doesn't crash for me anymore) Previous Comments: ------------------------------------------------------------------------ [2003-08-29 06:06:02] cristea at pntcd dot ro In this case is a bug. If the serializer is set to 'php' everything is OK. ------------------------------------------------------------------------ [2003-08-29 05:40:25] [EMAIL PROTECTED] Happens only when wddx is the serializer and register_globals is 'On'. Backtrace as follows: 0x40567dfa in var_replace (var_hashx=0x0, ozval=0x8244114, nzval=0x8236ef0) at var_unserializer.re:40 40 var_unserializer.re: No such file or directory. (gdb) bt #0 0x40567dfa in var_replace (var_hashx=0x0, ozval=0x8244114, nzval=0x8236ef0) at var_unserializer.re:40 #1 0x404e727b in php_set_session_var (name=0x824429c "a", namelen=1, state_val=0x8244114, var_hash=0x0) at /usr/src/web/php/php4_3/ext/session/session.c:307 #2 0x405720e2 in ps_srlzr_decode_wddx ( val=0x824724c "<wddxPacket version='1.0'><header/><data><struct><var name='a'><string>test</string></var></struct></data></wddxPacket>", vallen=119) at /usr/src/web/php/php4_3/ext/wddx/wddx.c:292 #3 0x404e7e5c in php_session_decode ( val=0x824724c "<wddxPacket version='1.0'><header/><data><struct><var name='a'><string>test</string></var></struct></data></wddxPacket>", vallen=119) at /usr/src/web/php/php4_3/ext/session/session.c:523 #4 0x404e8254 in php_session_initialize () at /usr/src/web/php/php4_3/ext/session/session.c:608 #5 0x404e9764 in php_session_start () at /usr/src/web/php/php4_3/ext/session/session.c:1036 #6 0x404eb41b in zif_session_start (ht=0, return_value=0x8246ff4, this_ptr=0x0, return_value_used=0) at /usr/src/web/php/php4_3/ext/session/session.c:1475 ------------------------------------------------------------------------ [2003-08-29 04:35:26] cristea at pntcd dot ro Description: ------------ Apache will crash session.serialize_handler is set to wddx and when a $_SESSION var have the same name as a $_POST (or $_GET) var. Try this code: File w1.php ----------- <?php ini_set('session.serialize_handler', 'wddx'); session_start(); $_SESSION['a'] = 'test'; echo <<< EOS <form action="w2.php" method="post"> <input type="text" name="a" value=""> <input type="submit"> </form> EOS; ?> File w2.php ----------- <?php ini_set('session.serialize_handler', 'wddx'); session_start(); print_r($_SESSION); echo "<hr>"; print_r($_POST); ?> ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=25307&edit=1
