|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #30282 Setting session.serialize_handler to none in apache config segfaults PHP
Submitted: 2004-09-29 23:29 UTC Modified: 2004-09-30 18:50 UTC
From: daniele at orlandi dot com Assigned:
Status: Closed Package: Session related
PHP Version: 4.3.9 OS: SuSE Linux 9.1
Private report: No CVE-ID: None
 [2004-09-29 23:29 UTC] daniele at orlandi dot com
This is an almost cosmetic issue. I incorrectly put "none" in apache's configuration file for session.serialize_handler. Starting the session, PHP segfaults; it may be a missing NULL check.

php_value session.serialize_handler none

[pid 31996] open("/tmp/sess_de475dfe390c0d01f35536633634db4a", O_RDWR|O_CREAT, 0600) = 28
[pid 31996] flock(28, LOCK_EX)          = 0
[pid 31996] fcntl64(28, F_SETFD, FD_CLOEXEC) = 0
[pid 31996] fstat64(28, {st_mode=S_IFREG|0600, st_size=0, ...}) = 0
[pid 31996] pread(28, "", 0, 0)
[pid 31996] --- SIGSEGV (Segmentation fault) @ 0 (0) ---


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2004-09-30 10:07 UTC]
Derick, that's the bug I was talking about a month ago.
Here's the patch for it:
It fixes the problem, but I don't like it - I'd prefer "fixing" session extension instead, but it seems that Sascha doesn't read emails anymore.
 [2004-09-30 17:52 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Mar 03 21:01:30 2024 UTC