- Fixed bug #60860 (session.save_handler=user without defined function core dumps)

3 files changed, 28 insertions, 0 deletions

diff --git a/NEWS b/NEWS
index 73a3e2a912..13f83a0cf9 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,10 @@ PHP                                                                        NEWS
 - OpenSSL:
   . Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
     CVE-2011-3389. (Scott)
+    
+- Session:
+  . Fixed bug #60860 (session.save_handler=user without defined function core
+    dumps). (Felipe)
 
 19 Jan 2012, PHP 5.4.0 RC6
 
diff --git a/ext/session/mod_user.c b/ext/session/mod_user.c
index cf13e4b46e..2ff5302f78 100644
--- a/ext/session/mod_user.c
+++ b/ext/session/mod_user.c
@@ -80,6 +80,13 @@ PS_OPEN_FUNC(user)
 {
 	zval *args[2];
 	STDVARS;
+	
+	if (PSF(open) == NULL) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING,
+			"user session functions not defined");
+			
+		return FAILURE;
+	}
 
 	SESS_ZVAL_STRING((char*)save_path, args[0]);
 	SESS_ZVAL_STRING((char*)session_name, args[1]);
diff --git a/ext/session/tests/bug60860.phpt b/ext/session/tests/bug60860.phpt
new file mode 100644
index 0000000000..12310205aa
--- /dev/null
+++ b/ext/session/tests/bug60860.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #60860 (session.save_handler=user without defined function core dumps)
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--INI--
+session.save_handler=user
+--FILE--
+<?php
+
+session_start();
+echo "ok\n";
+
+?>
+--EXPECTF--
+Warning: session_start(): user session functions not defined in %s on line 3
+
+Fatal error: session_start(): Failed to initialize storage module: user (path: ) in %s on line 3