diff options
Diffstat (limited to 'ext/session/session.c')
| -rw-r--r-- | ext/session/session.c | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/ext/session/session.c b/ext/session/session.c index 380cad5b58..48cd0f1bdf 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -963,11 +963,13 @@ PS_SERIALIZER_DECODE_FUNC(php_binary) /* {{{ */ int namelen; zend_string *name; php_unserialize_data_t var_hash; + int skip = 0; PHP_VAR_UNSERIALIZE_INIT(var_hash); for (p = val; p < endptr; ) { zval *tmp; + skip = 0; namelen = ((unsigned char)(*p)) & (~PS_BIN_UNDEF); if (namelen < 0 || namelen > PS_BIN_MAX || (p + namelen) >= endptr) { @@ -984,8 +986,7 @@ PS_SERIALIZER_DECODE_FUNC(php_binary) /* {{{ */ if ((tmp = zend_hash_find(&EG(symbol_table), name))) { if ((Z_TYPE_P(tmp) == IS_ARRAY && Z_ARRVAL_P(tmp) == &EG(symbol_table)) || tmp == &PS(http_session_vars)) { - zend_string_release(name); - continue; + skip = 1; } } @@ -994,7 +995,9 @@ PS_SERIALIZER_DECODE_FUNC(php_binary) /* {{{ */ current = var_tmp_var(&var_hash); if (php_var_unserialize(current, (const unsigned char **) &p, (const unsigned char *) endptr, &var_hash)) { ZVAL_PTR(&rv, current); - php_set_session_var(name, &rv, &var_hash ); + if (!skip) { + php_set_session_var(name, &rv, &var_hash); + } } else { zend_string_release(name); php_session_normalize_vars(); @@ -1056,6 +1059,7 @@ PS_SERIALIZER_DECODE_FUNC(php) /* {{{ */ zend_string *name; int has_value, retval = SUCCESS; php_unserialize_data_t var_hash; + int skip = 0; PHP_VAR_UNSERIALIZE_INIT(var_hash); @@ -1064,6 +1068,7 @@ PS_SERIALIZER_DECODE_FUNC(php) /* {{{ */ while (p < endptr) { zval *tmp; q = p; + skip = 0; while (*q != PS_DELIMITER) { if (++q >= endptr) goto break_outer_loop; } @@ -1081,7 +1086,7 @@ PS_SERIALIZER_DECODE_FUNC(php) /* {{{ */ if ((tmp = zend_hash_find(&EG(symbol_table), name))) { if ((Z_TYPE_P(tmp) == IS_ARRAY && Z_ARRVAL_P(tmp) == &EG(symbol_table)) || tmp == &PS(http_session_vars)) { - goto skip; + skip = 1; } } @@ -1090,14 +1095,18 @@ PS_SERIALIZER_DECODE_FUNC(php) /* {{{ */ current = var_tmp_var(&var_hash); if (php_var_unserialize(current, (const unsigned char **)&q, (const unsigned char *)endptr, &var_hash)) { ZVAL_PTR(&rv, current); - php_set_session_var(name, &rv, &var_hash); + if (!skip) { + php_set_session_var(name, &rv, &var_hash); + } } else { zend_string_release(name); retval = FAILURE; goto break_outer_loop; } } else { - PS_ADD_VARL(name); + if(!skip) { + PS_ADD_VARL(name); + } } skip: zend_string_release(name); |