Remove outdate checks

2 files changed, 6 insertions, 17 deletions

diff --git a/ext/session/session.c b/ext/session/session.c
index b303b90653..9668db4c83 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -835,7 +835,6 @@ PS_SERIALIZER_DECODE_FUNC(php_binary) /* {{{ */
 	PHP_VAR_UNSERIALIZE_INIT(var_hash);
 
 	for (p = val; p < endptr; ) {
-		zval *tmp;
 		skip = 0;
 		namelen = ((unsigned char)(*p)) & (~PS_BIN_UNDEF);
 
@@ -850,13 +849,6 @@ PS_SERIALIZER_DECODE_FUNC(php_binary) /* {{{ */
 
 		p += namelen + 1;
 
-		if ((tmp = zend_hash_find(&EG(symbol_table), name))) {
-			if ((Z_TYPE_P(tmp) == IS_ARRAY &&
-				Z_ARRVAL_P(tmp) == &EG(symbol_table)) || tmp == &PS(http_session_vars)) {
-				skip = 1;
-			}
-		}
-
 		if (has_value) {
 			zval *current, rv;
 			current = var_tmp_var(&var_hash);
@@ -933,7 +925,6 @@ PS_SERIALIZER_DECODE_FUNC(php) /* {{{ */
 	p = val;
 
 	while (p < endptr) {
-		zval *tmp;
 		q = p;
 		skip = 0;
 		while (*q != PS_DELIMITER) {
@@ -950,13 +941,6 @@ PS_SERIALIZER_DECODE_FUNC(php) /* {{{ */
 		name = zend_string_init(p, namelen, 0);
 		q++;
 
-		if ((tmp = zend_hash_find(&EG(symbol_table), name))) {
-			if ((Z_TYPE_P(tmp) == IS_ARRAY &&
-				Z_ARRVAL_P(tmp) == &EG(symbol_table)) || tmp == &PS(http_session_vars)) {
-				skip = 1;
-			}
-		}
-
 		if (has_value) {
 			zval *current, rv;
 			current = var_tmp_var(&var_hash);
diff --git a/ext/session/tests/bug72681.phpt b/ext/session/tests/bug72681.phpt
index ceca6ecc33..4752767d50 100644
--- a/ext/session/tests/bug72681.phpt
+++ b/ext/session/tests/bug72681.phpt
@@ -6,12 +6,17 @@ Bug #72681: PHP Session Data Injection Vulnerability
 <?php
 ini_set('session.serialize_handler', 'php');
 session_start();
-$GLOBALS['ryat'] = $GLOBALS;
+$GLOBALS['ryat'] = $_SESSION;
 $_SESSION['ryat'] = 'ryat|O:8:"stdClass":0:{}';
 session_write_close();
 session_start();
+var_dump($ryat);
 var_dump($_SESSION);
 ?>
 --EXPECT--
 array(0) {
 }
+array(1) {
+  ["ryat"]=>
+  string(24) "ryat|O:8:"stdClass":0:{}"
+}