php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #18167 Session_decode()
Submitted: 2002-07-04 13:58 UTC Modified: 2002-09-25 08:31 UTC
Votes:8
Avg. Score:5.0 ± 0.0
Reproduced:4 of 4 (100.0%)
Same Version:4 (100.0%)
Same OS:3 (75.0%)
From: kilgor at twojepc dot pl Assigned:
Status: Closed Package: Session related
PHP Version: 4.2.1 OS: Linux
Private report: No CVE-ID:
 [2002-07-04 13:58 UTC] kilgor at twojepc dot pl
I write special for you special short script which show that there is big mistake in session_module in php since version 4.1.2 (in this version it works fine) but since that in version 4.2.0 and 4.2.1 and 4.3.0 i have mistake.

Firstly
It simply store short variable ($sesja="test") in session file. When it is store in session it seems like this
'!|sesja|s:4:"test";'

Now i want to use function session_decode():

<?
session_decode('!|sesja|s:4:"test";');
echo("ok");
?>

this script give me mistake and log in apache server:
 child pid 12497 exit signal Segmentation fault (11)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-07-04 14:05 UTC] kilgor at twojepc dot pl
Register global is on.
 [2002-07-04 14:50 UTC] sniper@php.net
Please give us a complete test case, not just one part of it.

 [2002-07-04 15:25 UTC] kilgor at twojepc dot pl
Only try to run this short php script:

<?
session_decode('!|sesja|s:4:"test";');
echo("ok");
?>

on php 4.2.0 or higher
 [2002-07-04 17:46 UTC] derick@php.net
(gdb) bt
#0  0x080eae44 in php_set_session_var (name=0x406d34c4 "sesja", namelen=5,
    state_val=0x406d3554, var_hash=0xbfffdd58)
    at /dat/dev/php/php-4.3.0dev/ext/session/session.c:271
#1  0x080eb3d3 in ps_srlzr_decode_php (val=0x406d343c "!|sesja|s:4:\"test\";",
    vallen=19) at /dat/dev/php/php-4.3.0dev/ext/session/session.c:417
#2  0x080eb5e1 in php_session_decode (val=0x406d343c "!|sesja|s:4:\"test\";",
    vallen=19) at /dat/dev/php/php-4.3.0dev/ext/session/session.c:466
#3  0x080edf5b in zif_session_decode (ht=1, return_value=0x406d3484,
    this_ptr=0x0, return_value_used=0)
    at /dat/dev/php/php-4.3.0dev/ext/session/session.c:1319
#4  0x081cf4c3 in execute (op_array=0x406d312c)
    at /dat/dev/php/php-4.3.0dev/Zend/zend_execute.c:2103
#5  0x081bc6ba in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /dat/dev/php/php-4.3.0dev/Zend/zend.c:833
#6  0x0818e0c6 in php_execute_script (primary_file=0xbffff2c0)
    at /dat/dev/php/php-4.3.0dev/main/main.c:1390
#7  0x081d9f68 in main (argc=1, argv=0xbffff364)
    at /dat/dev/php/php-4.3.0dev/sapi/cli/php_cli.c:674
#8  0x404c7507 in __libc_start_main (main=0x81d96c8 <main>, argc=1,
    ubp_av=0xbffff364, init=0x806e438 <_init>, fini=0x81da5f0 <_fini>,
    rtld_fini=0x4000dc14 <_dl_fini>, stack_end=0xbffff35c)
    at ../sysdeps/generic/libc-start.c:129
 [2002-07-04 18:07 UTC] kilgor at twojepc dot pl
Hi And anyone see mistake in session_decode() I use a lot of this function update my statistic in database from session files before i delete it. Now i can't use it :)
 [2002-09-25 08:31 UTC] iliaa@php.net
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 24 21:01:55 2014 UTC