diff options
author | Adam Harvey <aharvey@php.net> | 2014-09-08 19:25:14 +0000 |
---|---|---|
committer | Adam Harvey <aharvey@php.net> | 2014-09-08 19:25:14 +0000 |
commit | bc44eb61728951ffe789be91ea0142a4120afc50 (patch) | |
tree | ac54c15a51a5d784cdd64e93e6bace19520f26dd | |
parent | b16929ca7294fb047e63eb6c04d715d980a50c47 (diff) | |
download | php-git-bc44eb61728951ffe789be91ea0142a4120afc50.tar.gz |
Fix bug #67972 (SessionHandler Invalid memory read create_sid()).
SessionHandler::create_sid() didn't check if PS(default_mod) was initialised
before attempting to call its create_sid() handler.
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | ext/session/mod_user_class.c | 2 | ||||
-rw-r--r-- | ext/session/tests/bug67972.phpt | 10 |
3 files changed, 14 insertions, 1 deletions
@@ -2,7 +2,8 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2014, PHP 5.5.18 - +- Session: + . Fixed bug #67972 (SessionHandler Invalid memory read create_sid()). (Adam) 11 Sep 2014, PHP 5.5.17 diff --git a/ext/session/mod_user_class.c b/ext/session/mod_user_class.c index 3b6687741e..119a536fb2 100644 --- a/ext/session/mod_user_class.c +++ b/ext/session/mod_user_class.c @@ -148,6 +148,8 @@ PHP_METHOD(SessionHandler, create_sid) { char *id; + PS_SANITY_CHECK; + if (zend_parse_parameters_none() == FAILURE) { return; } diff --git a/ext/session/tests/bug67972.phpt b/ext/session/tests/bug67972.phpt new file mode 100644 index 0000000000..63ed3a95b8 --- /dev/null +++ b/ext/session/tests/bug67972.phpt @@ -0,0 +1,10 @@ +--TEST-- +Bug #67972: SessionHandler Invalid memory read create_sid() +--SKIPIF-- +<?php include('skipif.inc'); ?> +--FILE-- +<?php + +(new SessionHandler)->create_sid(); +--EXPECTF-- +Fatal error: SessionHandler::create_sid(): Cannot call default session handler in %s on line %d |