diff options
| author | Yasuo Ohgaki <yohgaki@php.net> | 2016-09-09 11:39:40 +0900 |
|---|---|---|
| committer | Yasuo Ohgaki <yohgaki@php.net> | 2016-09-09 11:39:40 +0900 |
| commit | 17dbb916fc2245b90078c216c31c5ed732570c4c (patch) | |
| tree | 4b245e3344fa75e002f88552268507aadc99a069 | |
| parent | 1cf0a2c9aeb3737e094d6bc4eb31ef150e86bed1 (diff) | |
| parent | fb9444e053dc68b4ad6421224dfd36650376dabc (diff) | |
| download | php-git-17dbb916fc2245b90078c216c31c5ed732570c4c.tar.gz | |
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Update NEWS
Fixed Bug #68015 Session does not report invalid uid for files save handler
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/session/mod_files.c | 2 | ||||
| -rw-r--r-- | ext/session/tests/016.phpt | 6 |
3 files changed, 10 insertions, 2 deletions
@@ -23,6 +23,10 @@ PHP NEWS . Fixed bug #72982 (Memory leak in zend_accel_blacklist_update_regexp() function). (Laruence) +- Session: + . Fixed bug #68015 (Session does not report invalid uid for files save handler). + (Yasuo) + - SQLite3: . Updated to SQLite3 3.14.1. (cmb) diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c index 3b4495abc4..df8374ced0 100644 --- a/ext/session/mod_files.c +++ b/ext/session/mod_files.c @@ -175,6 +175,7 @@ static void ps_files_open(ps_files *data, const char *key) } if (!ps_files_path_create(buf, sizeof(buf), data, key)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to create session data file path. Too short session ID, invalid save_path or path lentgth exceeds MAXPATHLEN(%d)", MAXPATHLEN); return; } @@ -199,6 +200,7 @@ static void ps_files_open(ps_files *data, const char *key) if (fstat(data->fd, &sbuf) || (sbuf.st_uid != 0 && sbuf.st_uid != getuid() && sbuf.st_uid != geteuid())) { close(data->fd); data->fd = -1; + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Session data file is not created by your uid"); return; } #endif diff --git a/ext/session/tests/016.phpt b/ext/session/tests/016.phpt index f23605eb47..ce01c4d037 100644 --- a/ext/session/tests/016.phpt +++ b/ext/session/tests/016.phpt @@ -22,5 +22,7 @@ session_write_close(); print "I live\n"; ?> --EXPECTF-- -Warning: session_start(): Failed to read session data: files (path: 123;:/really%scompletely:::/invalid;;,23123;213) in %s on line %d -I live +Warning: session_start(): Failed to create session data file path. Too short session ID, invalid save_path or path lentgth exceeds MAXPATHLEN(%d) in %s on line 4 + +Warning: session_start(): Failed to read session data: files (path: 123;:/really\completely:::/invalid;;,23123;213) in %s on line 4 +I live
\ No newline at end of file |