php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #27099 session_decode crash on incorrect data
Submitted: 2004-01-30 10:14 UTC Modified: 2004-02-04 19:17 UTC
From: oleg at khimich dot com Assigned:
Status: No Feedback Package: Session related
PHP Version: 4.3.4 OS: Windows XP
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: oleg at khimich dot com
New email:
PHP Version: OS:

 

 [2004-01-30 10:14 UTC] oleg at khimich dot com 
Description:
------------
In incorrect data passed to session_decode function PHP engine may crash.

Reproduce code:
---------------
Made session dump with:
 $f=fopen("$name.profile","w");
 fwrite($f,session_encode());
 fclose($f);

and then if partial read was made before decoding session:
 $t=fread($f,65000); instead of $t=fread($f,filesize("$name.profile"));
so, now in $t there is unclosed strings, brackets..
Now try to make session_decode($t) and php probably crash.


Expected result:
----------------
WinXP shows exeption for apache process

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-01-30 12:22 UTC] sniper@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

I can not reproduce this. (try provide full example)
 [2004-02-04 19:17 UTC] sniper@php.net 
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Nov 05 09:00:01 2025 UTC