|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2012-01-28 01:24 UTC] felipe@php.net
[2012-01-28 01:25 UTC] felipe@php.net
-Status: Open
+Status: Assigned
-Assigned To:
+Assigned To: felipe
[2012-01-28 01:25 UTC] felipe@php.net
[2012-01-28 21:02 UTC] felipe@php.net
[2012-01-28 21:02 UTC] felipe@php.net
[2012-01-28 21:02 UTC] felipe@php.net
-Status: Assigned
+Status: Closed
[2012-04-18 09:46 UTC] laruence@php.net
[2012-07-24 23:37 UTC] rasmus@php.net
[2013-11-17 09:34 UTC] laruence@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Nov 09 20:00:02 2025 UTC |
Description: ------------ The following script will core dump because the save_handlers have not been defined, but the session extension is not checking to make sure the functions are not null before trying to call them. I would expect an error, but not a core dump. I think the fix would be in mod_user.c to add a check in PS_OPEN_FUNC, PS_CLOSE_FUNC, PS_READ_FUNC, PS_WRITE_FUNC, PS_DESTROY_FUNC, PS_GC_FUNC with something like this: ---- if (PSF(open) == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "user session handler open not found"); return FAILURE; } ---- Or maybe the error "User session functions not configured" or something. The problem I have with the patch is that it needs TSRMLS_CC, which the PS function don't pass in and I don't know enough about the threading stuff to fix. Test script: --------------- % php -d session.save_handler=user <?PHP session_start(); var_dump($_SESSION); ?> Expected result: ---------------- Expecting a warning about how the user session function are not defined/set. Actual result: -------------- This is a backtrace from running under Apache 2.x #0 zend_is_callable_ex (callable=0x0, object_ptr=0x0, check_flags=8, callable_name=0xffffaf48, callable_name_len=0xffffae8c, fcc=0xffffaf50, error=0xffffaf4c) at php-5.3.9/Zend/zend_API.c:2718 #1 0xf72e150a in zend_call_function (fci=0xffffaff0, fci_cache=0xffffaf50) at php-5.3.9/Zend/zend_execute_API.c:817 #2 0xf72e21c1 in call_user_function_ex (function_table=0x81f43f8, object_pp=0x0, function_name=0xffffaf4c, retval_ptr_ptr=0xffffaf4c, param_count=4294946636, params=0xffffaf4c, no_separation=-20660, symbol_table=0xffffaf4c) at php-5.3.9/Zend/zend_execute_API.c:758 #3 0xf72e2235 in call_user_function (function_table=0x81f43f8, object_pp=0x0, function_name=0x0, retval_ptr=0xf6cc7d10, param_count=2, params=0xffffb0c0) at php-5.3.9/Zend/zend_execute_API.c:731 #4 0xf6a35fcf in ps_call_handler (func=0x0, argc=2, argv=0xffffb0c0) at php-5.3.9/ext/session/mod_user.c:53 #5 0xf6a360e7 in ps_open_user (mod_data=0xffffaf4c, save_path=0xf6a36a49 "", session_name=0xf6a3675f "YBY") at php-5.3.9/ext/session/mod_user.c:93 #6 0xf6a32951 in php_session_start () at php-5.3.9/ext/session/session.c:512 #7 0xf6a34784 in zif_session_start (ht=0, return_value=0xf6cc7b00, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0) at php-5.3.9/ext/session/session.c:1911 #8 0xf7315474 in zend_do_fcall_common_helper_SPEC (execute_data=0xf654f028) at php-5.3.9/Zend/zend_vm_execute.h:320 #9 0xf73144ba in execute (op_array=0xf6cc7a1c) at php-5.3.9/Zend/zend_vm_execute.h:107 #10 0xf72f0e31 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at php-5.3.9/Zend/zend.c:1237 #11 0xf7294be4 in php_execute_script (primary_file=0xffffd5d0) at php-5.3.9/main/main.c:2343 #12 0xf737ae3d in php_handler (r=0x82c6588) at php-5.3.9/sapi/apache2handler/sapi_apache2.c:685 #13 0x08074ddd in ap_run_handler (r=0x82c6588) at config.c:157 #14 0x080751c1 in ap_invoke_handler (r=0x82c6588) at config.c:376 #15 0x08081d22 in ap_process_request (r=0x82c6588) at http_request.c:282 #16 0x0807f31a in ap_process_http_connection (c=0x82c23b8) at http_core.c:190 #17 0x0807b971 in ap_run_process_connection (c=0x82c23b8) at connection.c:43 #18 0x080868b7 in child_main (child_num_arg=Variable "child_num_arg" is not available. ) at prefork.c:667 #19 0x08086ab1 in make_child (s=0x80aafd0, slot=0) at prefork.c:712 #20 0x08087153 in ap_mpm_run (_pconf=0x80a90d8, plog=0x80d7190, s=0x80aafd0) at prefork.c:990 #21 0x08063047 in main (argc=2, argv=0xffffdb74) at main.c:739