From b777248ded69289b84d645ba2f36dbc207c77ff7 Mon Sep 17 00:00:00 2001 From: Xinchen Hui Date: Thu, 16 Jan 2014 14:41:12 +0800 Subject: Re-fixed Bug #66481 (Calls to session_name() segfault when session.name is null) --- NEWS | 4 ++++ ext/session/session.c | 5 ++--- ext/session/tests/bug66481.phpt | 17 +++++++++++++++++ 3 files changed, 23 insertions(+), 3 deletions(-) create mode 100644 ext/session/tests/bug66481.phpt diff --git a/NEWS b/NEWS index cffe5ae7d0..81f88bf07f 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,10 @@ PHP NEWS - Core: . Fixed bug #66286 (Incorrect object comparison with inheritance). (Nikita) +- Session: + . Fixed bug #66481 (Calls to session_name() segfault when session.name is + null). (Laruence) + ?? ??? 2013, PHP 5.4.24 - Core: diff --git a/ext/session/session.c b/ext/session/session.c index 35db50ae64..5b03d6362e 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -618,11 +618,10 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */ static PHP_INI_MH(OnUpdateName) /* {{{ */ { /* Numeric session.name won't work at all */ - if (PG(modules_activated) && - (!new_value_length || is_numeric_string(new_value, new_value_length, NULL, NULL, 0))) { + if ((!new_value_length || is_numeric_string(new_value, new_value_length, NULL, NULL, 0))) { int err_type; - if (stage == ZEND_INI_STAGE_RUNTIME) { + if (stage == ZEND_INI_STAGE_RUNTIME || stage == ZEND_INI_STAGE_ACTIVATE || stage == ZEND_INI_STAGE_STARTUP) { err_type = E_WARNING; } else { err_type = E_ERROR; diff --git a/ext/session/tests/bug66481.phpt b/ext/session/tests/bug66481.phpt new file mode 100644 index 0000000000..cf6ad6a8d6 --- /dev/null +++ b/ext/session/tests/bug66481.phpt @@ -0,0 +1,17 @@ +--TEST-- +Bug #66481: Calls to session_name() segfault when session.name is null. +--INI-- +session.name= +--SKIPIF-- + +--FILE-- +