MFH: Fixed bug #29925 (Added a check to prevent illegal characters in

session key).
author: Ilia Alshanetsky <iliaa@php.net> 2004-09-02 02:44:12 +0000
committer: Ilia Alshanetsky <iliaa@php.net> 2004-09-02 02:44:12 +0000
commit: ea138b85abda4b0ffe810f8fba8bfa573480bf88 (patch)
tree: 3c3a0632471a1d61ac8ed3898b2c7a56d768fd77 /ext
parent: df93e470ccf3c41696b97a7d627ca67261f7c641 (diff)
download: php-git-ea138b85abda4b0ffe810f8fba8bfa573480bf88.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/ext/session/session.c b/ext/session/session.c
index 135a732253..0b16346eaa 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -451,6 +451,11 @@ PS_SERIALIZER_ENCODE_FUNC(php)
 
 	PS_ENCODE_LOOP(
 			smart_str_appendl(&buf, key, (unsigned char) key_length);
+			if (memchr(key, PS_DELIMITER, key_length)) {
+				PHP_VAR_SERIALIZE_DESTROY(var_hash);
+				smart_str_free(&buf);				
+				return FAILURE;
+			}
 			smart_str_appendc(&buf, PS_DELIMITER);
 			
 			php_var_serialize(&buf, struc, &var_hash TSRMLS_CC);
author	Ilia Alshanetsky <iliaa@php.net>	2004-09-02 02:44:12 +0000
committer	Ilia Alshanetsky <iliaa@php.net>	2004-09-02 02:44:12 +0000
commit	ea138b85abda4b0ffe810f8fba8bfa573480bf88 (patch)
tree	3c3a0632471a1d61ac8ed3898b2c7a56d768fd77 /ext
parent	df93e470ccf3c41696b97a7d627ca67261f7c641 (diff)
download	php-git-ea138b85abda4b0ffe810f8fba8bfa573480bf88.tar.gz