php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #44720 Encoding $_SESSION crashes with recusive arrays
Submitted: 2008-04-14 16:04 UTC Modified: 2008-04-15 01:03 UTC
From: antphill at uk dot ibm dot com Assigned:
Status: Closed Package: Session related
PHP Version: 5.2.6RC5 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: antphill at uk dot ibm dot com
New email:
PHP Version: OS:

 

 [2008-04-14 16:04 UTC] antphill at uk dot ibm dot com 
Description:
------------
If I add create a global variable array which contains recursive entries it causes PHP to crash when I register it by calling session_register. This appears to be because the PS_ENCODE_LOOP macro does not check for recursion.


Reproduce code:
---------------
<?php

$array = array();

$array["foo"] = NULL;
$array["bar"] = NULL;
$array["guff"] = NULL;
$array["blah"] = &$array;

var_dump(session_start());
var_dump(session_register($array));
echo "Done!\n";
?>


Expected result:
----------------
Perhaps we should check for recusion rather like the JSON extension does (see json_encode_array() in JSON.c)?

Actual result:
--------------
bool(true)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-04-14 17:47 UTC] jani@php.net 
session_register() is deprecated. DO NOT USE. Ever. RTFM about $_SESSION.
 [2008-04-15 01:03 UTC] scottmac@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Even though session_register has been removed in 6.0, I don't agree with leaving a segfault. I've fixed this in 5.3 and I'll backport to 5.2 once I check with ilia.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Nov 23 07:01:29 2024 UTC