author | Antony Dovgal <tony2001@php.net> | 2007-04-04 19:52:26 +0000 |
---|---|---|
committer | Antony Dovgal <tony2001@php.net> | 2007-04-04 19:52:26 +0000 |
commit | d3deda3ea201f0a7d396e6055be70f0abc839bd5 (patch) | |
tree | 2a6c91f4efdc7443d9714f576a2841a108bc53e1 | |
parent | baba58057a0356d22f2176a567cc5df5f29451cb (diff) | |
download | php-git-d3deda3ea201f0a7d396e6055be70f0abc839bd5.tar.gz |
MFH: fix #40998 (long session array keys are truncated)
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | ext/session/session.c | 2 |
2 files changed, 2 insertions, 1 deletions
@@ -13,6 +13,7 @@ PHP 4 NEWS - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf function) (Kees Cook, Pierre) +- Fixed bug #40998 (long session array keys are truncated). (Tony) - Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony) - Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused handle). (Tony) diff --git a/ext/session/session.c b/ext/session/session.c index 47cf262744..b9061c3b76 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -480,7 +480,7 @@ PS_SERIALIZER_ENCODE_FUNC(php) PHP_VAR_SERIALIZE_INIT(var_hash); PS_ENCODE_LOOP( - smart_str_appendl(&buf, key, (unsigned char) key_length); + smart_str_appendl(&buf, key, key_length); if (memchr(key, PS_DELIMITER, key_length)) { PHP_VAR_SERIALIZE_DESTROY(var_hash); smart_str_free(&buf); |
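Review bot: The corrected `smart_str_appendl(&buf, key, key_length);` line in PS_SERIALIZER_ENCODE_FUNC(php) carries no comment explaining why the length must not be narrowed, and the diffstat lists only NEWS and ext/session/session.c, so no regression test guards the fix. With the removed `(unsigned char)` cast, the append used key_length modulo 256 while the `memchr` delimiter check on the next line scanned the full length, so a long key was written under a shortened name and could be confused with another session variable on decode. I would record that above the line, for example `/* full key_length: a narrowed length truncates keys over 255 bytes (bug #40998) and no longer matches the memchr() range */`, and add a test that round-trips a session key longer than 255 bytes. Other encoders in this file are not visible in the hunk and may deserve the same look for a narrowed key length. The function body starts and ends outside the hunk.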