tony2001 Thu Sep 30 08:19:59 2004 EDT Modified files: /php-src/ext/session session.c Log: fix segfault when using unknown/unsupported save_handler and/or serialize_handler (bug #30282) http://cvs.php.net/diff.php/php-src/ext/session/session.c?r1=1.395&r2=1.396&ty=u Index: php-src/ext/session/session.c diff -u php-src/ext/session/session.c:1.395 php-src/ext/session/session.c:1.396 --- php-src/ext/session/session.c:1.395 Tue Sep 14 19:57:53 2004 +++ php-src/ext/session/session.c Thu Sep 30 08:19:59 2004 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: session.c,v 1.395 2004/09/14 23:57:53 iliaa Exp $ */ +/* $Id: session.c,v 1.396 2004/09/30 12:19:59 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -543,7 +543,11 @@ char *ret = NULL; IF_SESSION_VARS() { - if (PS(serializer)->encode(&ret, newlen TSRMLS_CC) == FAILURE) + if (!PS(serializer)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown session.save_handler. Failed to encode session object."); + ret = NULL; + } + else if (PS(serializer)->encode(&ret, newlen TSRMLS_CC) == FAILURE) ret = NULL; } else { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot encode non-existent session."); @@ -554,6 +558,10 @@ static void php_session_decode(const char *val, int vallen TSRMLS_DC) { + if (!PS(serializer)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown session.save_handler. Failed to decode session object."); + return; + } if (PS(serializer)->decode(val, vallen TSRMLS_CC) == FAILURE) { php_session_destroy(TSRMLS_C); php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to decode session object. Session has been destroyed."); @@ -1087,6 +1095,21 @@ PS(define_sid) = 1; PS(send_cookie) = 1; if (PS(session_status) != php_session_none) { + + if (PS(session_status) == php_session_disabled) { + char *value; + + value = zend_ini_string("session.save_handler", sizeof("session.save_handler"), 0); + + if (value) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot find save handler %s", value); + } + else { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot find unknown save handler"); + } + return; + } + php_error(E_NOTICE, "A session had already been started - ignoring session_start()"); return; } @@ -1498,9 +1521,15 @@ WRONG_PARAM_COUNT; } - if (PS(session_status) == php_session_none) + if (PS(session_status) == php_session_none || PS(session_status) == php_session_disabled) { php_session_start(TSRMLS_C); - + } + + if (PS(session_status) == php_session_disabled) { + efree(args); + RETURN_FALSE; + } + for (i = 0; i < argc; i++) { if (Z_TYPE_PP(args[i]) == IS_ARRAY) SEPARATE_ZVAL(args[i]);
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php