php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #19392 $_SESSION = ""; PHP crashes
Submitted: 2002-09-13 10:27 UTC Modified: 2002-09-29 10:33 UTC
Votes:2
Avg. Score:2.5 ± 0.5
Reproduced:1 of 2 (50.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: meesly at phpug dot ch Assigned:
Status: Closed Package: Session related
PHP Version: 4.2.3 OS: Linux, win32
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: meesly at phpug dot ch
New email:
PHP Version: OS:

 

 [2002-09-13 10:27 UTC] meesly at phpug dot ch
Seems that PHP crashes when using $_SESSION = ""; or $_SESSION = null; at Linux and win32.

$_SESSION = array(); works fine.


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-09-13 10:39 UTC] chregu@php.net
I can verify this on linux and latest CVS HEAD

(I now, $_SESSION is expected to be an array, but it shouldn't segfault nevertheless)

here's a backtrace

#0  zend_hash_get_current_key_ex (ht=0x4036e92a, str_index=0xbffff188, str_length=0xbffff18c, num_index=0xbffff190, duplicate=0, 
    pos=0xbffff198) at /opt/cvs/php4.3/Zend/zend_hash.c:1054
#1  0x4026850a in php_session_save_current_state () at /opt/cvs/php4.3/ext/session/session.c:566
#2  0x4026aad1 in php_session_flush () at /opt/cvs/php4.3/ext/session/session.c:1435
#3  0x4026ab10 in zm_deactivate_session (type=1, module_number=35) at /opt/cvs/php4.3/ext/session/session.c:1449
#4  0x403107e6 in module_registry_cleanup (module=0x81368b8) at /opt/cvs/php4.3/Zend/zend_API.c:1170
#5  0x403124a2 in zend_hash_apply (ht=0x40399ac0, apply_func=0x403107ac <module_registry_cleanup>) at /opt/cvs/php4.3/Zend/zend_hash.c:688
#6  0x4030da7c in zend_deactivate_modules () at /opt/cvs/php4.3/Zend/zend.c:585
#7  0x402e6b5d in php_request_shutdown (dummy=0x0) at /opt/cvs/php4.3/main/main.c:898
#8  0x40326623 in apache_php_module_main (r=0x818d624, display_source_mode=0) at /opt/cvs/php4.3/sapi/apache/sapi_apache.c:61
#9  0x40327110 in send_php (r=0x818d624, display_source_mode=0, filename=0x0) at /opt/cvs/php4.3/sapi/apache/mod_php4.c:563
#10 0x40327172 in send_parsed_php (r=0x818d624) at /opt/cvs/php4.3/sapi/apache/mod_php4.c:578
#11 0x08073d89 in ap_invoke_handler ()
#12 0x080894df in process_request_internal ()
#13 0x08089546 in ap_process_request ()
#14 0x0807ffd6 in child_main ()
#15 0x08080191 in make_child ()
#16 0x0808030c in startup_children ()
#17 0x0808099d in standalone_main ()
#18 0x0808120c in main ()
#19 0x400b80bf in __libc_start_main () from /lib/libc.so.6


chregu
 [2002-09-26 18:37 UTC] iliaa@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip

Cannot replicate the crash on Win32 or Linux using the latest CVS.
 [2002-09-28 04:10 UTC] yohgaki@php.net
I should commit fix, but don't have much time now.

The cause would be php_session_save_current_state() is trying to save current state blindly. We need to check if the PS(http_session_vars) is array. If not, just return.

I don't see the fix in current CVS or is this delt in other place?
 [2002-09-29 10:33 UTC] iliaa@php.net
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 22 01:01:30 2024 UTC