php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #59641 Extension doesn't read INI values correctly
Submitted: 2011-02-26 16:01 UTC Modified: 2012-03-07 05:43 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: steve dot caligo at ctie dot etat dot lu Assigned: andrei
Status: Closed Package: memcached (PECL)
PHP Version: 5.3.5 OS:
Private report: No CVE-ID:
 [2011-02-26 16:01 UTC] steve dot caligo at ctie dot etat dot lu
Description:
------------
Sessions never expire when using the "memcached" handler.

zend_ini_long() expects a string length including the 
termination zero byte. As such, the ZEND_STRS macro has to be 
used and not the ZEND_STRL.

At least the following values should be affected in 
php_memcached.c: "max_execution_time" as well as 
"session.gc_maxlifetime".

Reproduce code:
---------------
Set "gc_maxlifetime" to a non-zero value, start a session using session_start() and capture the packets going to the Memcached server.


Patch:

--- memcached-1.0.2/php_memcached.c.orig        1970-01-01 10:13:08.000000000 +0100
+++ memcached-1.0.2/php_memcached.c     2011-02-26 21:51:07.652023126 +0100
@@ -2412,7 +2412,7 @@
        memcached_return status;
        /* set max timeout for session_start = max_execution_time.  (c) Andrei Darashenka, Richter & Poweleit GmbH */
 
-       lock_maxwait = zend_ini_long(ZEND_STRL("max_execution_time"), 0);
+       lock_maxwait = zend_ini_long(ZEND_STRS("max_execution_time"), 0);
        if (lock_maxwait <= 0) {
                lock_maxwait = MEMC_SESS_LOCK_EXPIRATION;
        }
@@ -2522,7 +2522,7 @@
        memcached_st *memc_sess = PS_GET_MOD_DATA();
 
        sess_key_len = spprintf(&sess_key, 0, "memc.sess.key.%s", key);
-       sess_lifetime = zend_ini_long(ZEND_STRL("session.gc_maxlifetime"), 0);
+       sess_lifetime = zend_ini_long(ZEND_STRS("session.gc_maxlifetime"), 0);
        if (sess_lifetime > 0) {
                expiration = time(NULL) + sess_lifetime;
        } else {

Expected result:
----------------
The expiration time should be time() + gc_maxlifetime.

Actual result:
--------------
The expiration time is 0.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-03-06 13:50 UTC] andrei@php.net
Thank you for the report and the patch. This has been fixed in 
2.0 branch already. I intend to release the 2.0 beta next 
week, so perhaps you could try it when it's out.
 [2012-03-07 05:43 UTC] andrei@php.net
Fixed in 2.0.1.
 [2012-03-07 05:43 UTC] andrei@php.net
-Status: Analyzed +Status: Closed -Assigned To: +Assigned To: andrei
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 17 21:01:56 2014 UTC