Disallow \0 chars inside session.save_path

author: Ilia Alshanetsky <iliaa@php.net> 2006-12-01 00:27:20 +0000
committer: Ilia Alshanetsky <iliaa@php.net> 2006-12-01 00:27:20 +0000
commit: 5f3e233ea710d77ec8d28caa2e77fc3cb3728b4a (patch)
tree: 677d2e1d1ba96fba17d27cf5b7117ed01b036a92
parent: c42d25dc33e6680426a48da7e2b41410f652e8e0 (diff)
download: php-git-5f3e233ea710d77ec8d28caa2e77fc3cb3728b4a.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/ext/session/session.c b/ext/session/session.c
index b6754d5df6..46a35a7a9e 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -153,6 +153,10 @@ static PHP_INI_MH(OnUpdateSaveDir)
 	if (stage == PHP_INI_STAGE_RUNTIME) {
 		char *p;
 
+		if (memchr(new_value, '\0', new_value_length) != NULL) {
+			return FAILURE;
+		}
+
 		if ((p = zend_memrchr(new_value, ';', new_value_length))) {
 			p++;
 		} else {
author	Ilia Alshanetsky <iliaa@php.net>	2006-12-01 00:27:20 +0000
committer	Ilia Alshanetsky <iliaa@php.net>	2006-12-01 00:27:20 +0000
commit	5f3e233ea710d77ec8d28caa2e77fc3cb3728b4a (patch)
tree	677d2e1d1ba96fba17d27cf5b7117ed01b036a92
parent	c42d25dc33e6680426a48da7e2b41410f652e8e0 (diff)
download	php-git-5f3e233ea710d77ec8d28caa2e77fc3cb3728b4a.tar.gz