MFH: fix #40998 (long session array keys are truncated)

author: Antony Dovgal <tony2001@php.net> 2007-04-04 19:52:26 +0000
committer: Antony Dovgal <tony2001@php.net> 2007-04-04 19:52:26 +0000
commit: d3deda3ea201f0a7d396e6055be70f0abc839bd5 (patch)
tree: 2a6c91f4efdc7443d9714f576a2841a108bc53e1
parent: baba58057a0356d22f2176a567cc5df5f29451cb (diff)
download: php-git-d3deda3ea201f0a7d396e6055be70f0abc839bd5.tar.gz
2 files changed, 2 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 5701bade91..0f1a0bacbd 100644
--- a/NEWS
+++ b/NEWS
@@ -13,6 +13,7 @@ PHP 4                                                                      NEWS
 - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre)
 - Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf
   function) (Kees Cook, Pierre)
+- Fixed bug #40998 (long session array keys are truncated). (Tony)
 - Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony)
 - Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused 
   handle). (Tony)
diff --git a/ext/session/session.c b/ext/session/session.c
index 47cf262744..b9061c3b76 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -480,7 +480,7 @@ PS_SERIALIZER_ENCODE_FUNC(php)
 	PHP_VAR_SERIALIZE_INIT(var_hash);
 
 	PS_ENCODE_LOOP(
-			smart_str_appendl(&buf, key, (unsigned char) key_length);
+			smart_str_appendl(&buf, key, key_length);
 			if (memchr(key, PS_DELIMITER, key_length)) {
 				PHP_VAR_SERIALIZE_DESTROY(var_hash);
 				smart_str_free(&buf);
author	Antony Dovgal <tony2001@php.net>	2007-04-04 19:52:26 +0000
committer	Antony Dovgal <tony2001@php.net>	2007-04-04 19:52:26 +0000
commit	d3deda3ea201f0a7d396e6055be70f0abc839bd5 (patch)
tree	2a6c91f4efdc7443d9714f576a2841a108bc53e1
parent	baba58057a0356d22f2176a567cc5df5f29451cb (diff)
download	php-git-d3deda3ea201f0a7d396e6055be70f0abc839bd5.tar.gz