tony2001                Thu Sep 30 08:19:59 2004 EDT

  Modified files:              
    /php-src/ext/session        session.c 
  Log:
  fix segfault when using unknown/unsupported save_handler and/or serialize_handler 
(bug #30282)
  
  
http://cvs.php.net/diff.php/php-src/ext/session/session.c?r1=1.395&r2=1.396&ty=u
Index: php-src/ext/session/session.c
diff -u php-src/ext/session/session.c:1.395 php-src/ext/session/session.c:1.396
--- php-src/ext/session/session.c:1.395 Tue Sep 14 19:57:53 2004
+++ php-src/ext/session/session.c       Thu Sep 30 08:19:59 2004
@@ -17,7 +17,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: session.c,v 1.395 2004/09/14 23:57:53 iliaa Exp $ */
+/* $Id: session.c,v 1.396 2004/09/30 12:19:59 tony2001 Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -543,7 +543,11 @@
        char *ret = NULL;
 
        IF_SESSION_VARS() {
-               if (PS(serializer)->encode(&ret, newlen TSRMLS_CC) == FAILURE)
+               if (!PS(serializer)) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown 
session.save_handler. Failed to encode session object.");
+                       ret = NULL;
+               }
+               else if (PS(serializer)->encode(&ret, newlen TSRMLS_CC) == FAILURE)
                        ret = NULL;
        } else {
                 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot encode 
non-existent session.");
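Review bot: The warning added in the `!PS(serializer)` branch names the wrong setting: the missing object is the serializer, which is chosen by `session.serialize_handler`, yet the text says `Unknown session.save_handler`. Someone reading the log would be sent to the wrong ini directive. Suggest `"Unknown session.serialize_handler. Failed to encode session object."`; the same wording is repeated in the php_session_decode hunk at -554 and should change there too. The enclosing function starts and ends outside this hunk.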
@@ -554,6 +558,10 @@
 
 static void php_session_decode(const char *val, int vallen TSRMLS_DC)
 {
+       if (!PS(serializer)) {
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown 
session.save_handler. Failed to decode session object.");
+               return;
+       }
        if (PS(serializer)->decode(val, vallen TSRMLS_CC) == FAILURE) {
                php_session_destroy(TSRMLS_C);
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to decode session 
object. Session has been destroyed.");
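Review bot: The early return for a missing serializer leaves the session as it is, whereas the decode-failure branch directly below calls `php_session_destroy()`. Because php_session_decode returns void, the caller cannot tell that nothing was decoded. If the session is still written back at request end (not visible in this hunk), the stored data could be replaced by an empty state, so this is worth confirming. A comment stating the intent would help, e.g. `/* no serializer: nothing decoded, stored data left untouched */`. The function body continues past the end of the hunk.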
@@ -1087,6 +1095,21 @@
        PS(define_sid) = 1;
        PS(send_cookie) = 1;
        if (PS(session_status) != php_session_none) {
+               
+               if (PS(session_status) == php_session_disabled) {
+                       char *value;
+
+                       value = zend_ini_string("session.save_handler", 
sizeof("session.save_handler"), 0);
+                       
+                       if (value) { 
+                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot 
find save handler %s", value);
+                       }
+                       else {
+                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot 
find unknown save handler");
+                       }
+                       return;
+               }
+               
                php_error(E_NOTICE, "A session had already been started - ignoring 
session_start()");
                return;
        }
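Review bot: The `php_session_disabled` branch always blames `session.save_handler`, but the commit log says an unknown serialize_handler can also trigger the crash being fixed. Where the status is set is not visible here, so whether both causes end up in this branch is inferred. If they do, test them separately, e.g. `if (!PS(mod)) { /* save handler warning */ } else if (!PS(serializer)) { /* serialize handler warning */ }`, so the warning names the setting that is actually wrong. The fallback text `Cannot find unknown save handler` also reads oddly; `Cannot find save handler (session.save_handler is not set)` would be clearer. The enclosing function starts and ends outside the hunk.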
@@ -1498,9 +1521,15 @@
                WRONG_PARAM_COUNT;
        }
 
-       if (PS(session_status) == php_session_none)
+       if (PS(session_status) == php_session_none || PS(session_status) == 
php_session_disabled) {
                php_session_start(TSRMLS_C);
-
+       }
+       
+       if (PS(session_status) == php_session_disabled) {
+               efree(args);
+               RETURN_FALSE;
+       }
+       
        for (i = 0; i < argc; i++) {
                if (Z_TYPE_PP(args[i]) == IS_ARRAY)
                        SEPARATE_ZVAL(args[i]);
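Review bot: There is no comment explaining why `php_session_start()` is now also called when the status is already `php_session_disabled`. Judging by the hunk at -1087, that call can then only emit the "Cannot find save handler" warning and return, so it appears to be invoked purely for its diagnostic. A short comment would keep a later reader from removing it as redundant, e.g. `/* disabled: start is called only to report the missing handler; we bail out below */`. `args` is allocated outside this hunk, so the `efree(args)` before `RETURN_FALSE` cannot be checked against its allocation from here.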
