authorSascha Schumann <sas@php.net>2003-08-29 12:33:47 +0000
committerSascha Schumann <sas@php.net>2003-08-29 12:33:47 +0000
commita3c89a2e8f4712677cc76f2c8bd2768bf0e29b1a (patch)
treeb9a77e3631483748714048c3c79c881ce9d3885b
parenta256170d667001ef80838b6519cde489b66649a0 (diff)
Fix a segfault which occurred when using a storage format not capable
of expressing references (e.g. WDDX) and deserializing a session variable whose name conflicted with an existing symbol in the global scope. PR: #25307 Submitted by: Jani Taskinen Speling fixes: me
-rw-r--r--ext/session/session.c27
1 files changed, 17 insertions, 10 deletions
diff --git a/ext/session/session.c b/ext/session/session.c
index 4f6e53a1b6..abcb2f6535 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -290,24 +290,31 @@ void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unseri
if (PG(register_globals)) {
zval **old_symbol;
if (zend_hash_find(&EG(symbol_table),name,namelen+1,(void *)&old_symbol) == SUCCESS) {
+
/*
- There was an old one, we need to replace it accurately.
- hash_update in zend_set_hash_symbol is not good, because
- it will leave referenced variables (such as local instances
- of a global variable) dangling.
-
- BTW: if you use register_globals references between
- session-vars won't work because of this very reason!
+ * A global symbol with the same name exists already. That
+ * symbol might have been created by other means (e.g. $_GET).
+ *
+ * hash_update in zend_set_hash_symbol is not good, because
+ * it will leave referenced variables (such as local instances
+ * of a global variable) dangling.
+ *
+ * BTW: if you use register_globals references between
+ * session-vars won't work because of this very reason!
*/
REPLACE_ZVAL_VALUE(old_symbol,state_val,1);
- /* the following line will muck with the reference-table used for
- * unserialisation
+ /*
+ * The following line will update the reference table used for
+ * unserialization. It is optional, because some storage
+ * formats may not be able to represent references.
*/
- PHP_VAR_UNSERIALIZE_ZVAL_CHANGED(var_hash,state_val,*old_symbol);
+ if (var_hash) {
+ PHP_VAR_UNSERIALIZE_ZVAL_CHANGED(var_hash,state_val,*old_symbol);
+ }
zend_set_hash_symbol(*old_symbol, name, namelen, 1, 1, Z_ARRVAL_P(PS(http_session_vars)));
} else {