diff options
author | Yasuo Ohgaki <yohgaki@php.net> | 2016-01-15 13:47:45 +0900 |
---|---|---|
committer | Yasuo Ohgaki <yohgaki@php.net> | 2016-01-15 15:50:14 +0900 |
commit | bfb9307b2d679a91e138fd876880470ece60942b (patch) | |
tree | 2730b684ea85ee413e01f894afe3006aa4d18f72 /ext/session/mod_user.c | |
parent | d7f8d9e3a9babf0e4f0c1a5590e1feb5e69bd84a (diff) | |
download | php-git-bfb9307b2d679a91e138fd876880470ece60942b.tar.gz |
Fixed bug #69111 (Crash in SessionHandler::read()).
Made session save handler abuse much harder than before.
Diffstat (limited to 'ext/session/mod_user.c')
-rw-r--r-- | ext/session/mod_user.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/ext/session/mod_user.c b/ext/session/mod_user.c index 0b6fb626fd..de2df9d6a7 100644 --- a/ext/session/mod_user.c +++ b/ext/session/mod_user.c @@ -91,7 +91,16 @@ PS_OPEN_FUNC(user) SESS_ZVAL_STRING((char*)save_path, args[0]); SESS_ZVAL_STRING((char*)session_name, args[1]); - retval = ps_call_handler(PSF(open), 2, args TSRMLS_CC); + zend_try { + retval = ps_call_handler(PSF(open), 2, args TSRMLS_CC); + } zend_catch { + PS(session_status) = php_session_none; + if (retval) { + zval_ptr_dtor(&retval); + } + zend_bailout(); + } zend_end_try(); + PS(mod_user_implemented) = 1; FINISH; |