protect http_session_vars from interrupt corruption

improve save_path check
author: Stanislav Malyshev <stas@php.net> 2009-12-04 01:21:32 +0000
committer: Stanislav Malyshev <stas@php.net> 2009-12-04 01:21:32 +0000
commit: 3e6ac4fb6bdb23746e6492055828fcd4819b1495 (patch)
tree: 08a6484f9467d6577cd2d52311a078b2993df00d
parent: 1f8638b1f19e58f6ce23928f462edd1c876bacfa (diff)
download: php-git-3e6ac4fb6bdb23746e6492055828fcd4819b1495.tar.gz
1 files changed, 10 insertions, 4 deletions
diff --git a/ext/session/session.c b/ext/session/session.c
index 3a5d153cba..87fec64d69 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -693,11 +693,11 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */
 			p = new_value;
 		}
 
-		if (PG(safe_mode) && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+		if (PG(safe_mode) && *p && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
 			return FAILURE;
 		}
 
-		if (PG(open_basedir) && php_check_open_basedir(p TSRMLS_CC)) {
+		if (PG(open_basedir) && *p && php_check_open_basedir(p TSRMLS_CC)) {
 			return FAILURE;
 		}
 	}
@@ -1882,7 +1882,10 @@ static PHP_FUNCTION(session_unset)
 	}
 
 	IF_SESSION_VARS() {
-		HashTable *ht = Z_ARRVAL_P(PS(http_session_vars));
+		HashTable *ht;
+
+		SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars));
+		ht = Z_ARRVAL_P(PS(http_session_vars));
 
 		if (PG(register_globals)) {
 			uint str_len;
@@ -1960,7 +1963,10 @@ static PHP_FUNCTION(session_unregister)
 		return;
 	}
 
-	PS_DEL_VARL(p_name, p_name_len);
+	IF_SESSION_VARS() {
+		SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars));
+		PS_DEL_VARL(Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name));
+	}
 
 	RETURN_TRUE;
 }
author	Stanislav Malyshev <stas@php.net>	2009-12-04 01:21:32 +0000
committer	Stanislav Malyshev <stas@php.net>	2009-12-04 01:21:32 +0000
commit	3e6ac4fb6bdb23746e6492055828fcd4819b1495 (patch)
tree	08a6484f9467d6577cd2d52311a078b2993df00d
parent	1f8638b1f19e58f6ce23928f462edd1c876bacfa (diff)
download	php-git-3e6ac4fb6bdb23746e6492055828fcd4819b1495.tar.gz