Bug #73394 php_session_initialize doesn't verify s_read return value
Submitted: 2016-10-26 16:13 UTC Modified: -
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: martijn at openbsd dot org Assigned:
Status: Open Package: Session related
PHP Version: 7.0.12 OS: irrelevant
Private report: No CVE-ID: None

 [2016-10-26 16:13 UTC] martijn at openbsd dot org
Description:
------------
When a read from the session backend fails, it still initializes the session without data. This causes problems either during the closing of the session or during php_session_decode (depending on the serializer), writing an empty session or destroying the session data respectively.

I chose E_ERROR to be in line with the s_open and s_create_id function checks, but it can easily be changed into E_WARNING to be more in line with the original comment; that would cause a return of FALSE, because PS(session_status) is not php_session_active.

I haven't looked into other versions, but I guess this applies to other versions as well.

Test script:
---------------
Originally found with https://github.com/php-memcached-dev/php-memcached/ as a session backend.
The script below can be tested by setting up memcached and doing an
"add memc.sess.lock.<session_id> 0 0 1" on a telnet session to memcached (make sure that memcached.session_locking is set, which it is by default).
The request will first hang and at the end reset the session content in memcached.

<?php
// Reporter's reproduction: php-memcached as the session backend, with the
// session's lock key held externally (the telnet "add" command above).
ini_set('session.save_handler', 'memcached');
ini_set('session.save_path', "127.0.0.1:11211");

session_start();                    // the backend read blocks on the lock and then fails
var_dump($_SESSION, session_id());  // session is initialized empty despite the read failure
$_SESSION["a"] = "b";               // flushed at shutdown, replacing the data still in memcached
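The same failure mode can be shown without memcached. The script below is an added example and is not part of the bug report or of PHP's session extension: a userland SessionHandlerInterface whose read() returns false, which is what mod_user turns into an s_read FAILURE. The "backend" is a constructed in-memory array, the session id "deadbeef" and the class name are made up, and the behaviour shown assumes PHP 7.0 as reported (the handling of a failed read may differ on other versions). Run it as "php demo.php" to see the stored record replaced by an empty session, and as "php demo.php guard" to see the handler-side mitigation: a write() that refuses to overwrite a record it never managed to read.

```php
<?php
// Added example, not from the bug report: reproduce "read fails, session is
// still initialized empty, close() writes the empty session over the stored
// record" with a userland handler. Assumptions: PHP 7.0 as reported; the
// backend is a constructed array; id "deadbeef" and the names are made up.

final class FailingReadHandler implements SessionHandlerInterface
{
    /** Constructed backend record: what an earlier request stored under this id. */
    private $store = ['deadbeef' => 'user|s:5:"alice";'];
    private $readFailed = false;
    private $guard;
    public $log = [];

    /** @param bool $guard when true, refuse to write after a failed read (mitigation) */
    public function __construct($guard)
    {
        $this->guard = $guard;
    }

    public function open($savePath, $sessionName) { $this->log[] = 'open';  return true; }
    public function close()                       { $this->log[] = 'close'; return true; }
    public function gc($maxlifetime)              { return true; }
    public function destroy($id)
    {
        $this->log[] = "destroy($id)";
        unset($this->store[$id]);
        return true;
    }

    /**
     * Simulate a backend that cannot serve the read (lock contention, timeout,
     * network error). The record is still there; we just could not fetch it.
     * Returning false is what mod_user reports to the core as s_read FAILURE.
     */
    public function read($id)
    {
        $this->readFailed = true;
        $this->log[] = "read($id) -> false";
        return false;
    }

    /**
     * Called from session_write_close(). Because the failed read left an empty
     * $_SESSION, $data is the encoding of an empty session, and storing it
     * replaces the record that is still in the backend.
     */
    public function write($id, $data)
    {
        $this->log[] = sprintf('write(%s, %s)', $id, var_export($data, true));
        if ($this->guard && $this->readFailed) {
            // Mitigation: never let a session we did not load overwrite the stored
            // one. Returning false makes PHP report a failed write instead of
            // silently discarding the record.
            return false;
        }
        $this->store[$id] = $data;
        return true;
    }

    public function stored($id)
    {
        return isset($this->store[$id]) ? $this->store[$id] : null;
    }
}

// "php demo.php" shows the bug; "php demo.php guard" shows the mitigation.
$guard   = in_array('guard', isset($argv) ? array_slice($argv, 1) : [], true);
$handler = new FailingReadHandler($guard);
$before  = $handler->stored('deadbeef');

session_set_save_handler($handler, true);
session_id('deadbeef');            // pretend the client presented this id

$started = session_start();        // succeeds although read() failed
$loaded  = $_SESSION;              // empty: nothing was decoded

session_write_close();             // flushes the empty session through write()

printf("session_start(): %s\n", var_export($started, true));
printf("\$_SESSION after start: %s\n", var_export($loaded, true));
printf("backend record before: %s\n", var_export($before, true));
printf("backend record after:  %s\n", var_export($handler->stored('deadbeef'), true));
print_r($handler->log);
```

The point for an application is that nothing at the PHP level signals the failed read: session_start() returns as usual and $_SESSION is simply empty, so a transient backend fault (or anyone able to make the read fail, as the lock key in the reporter's memcached setup does) ends with the stored session silently replaced. Until the core checks the s_read result, a save handler that remembers its own read failure and refuses the subsequent write is the only place this can be caught.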



Patches

session_read_check (last revision 2016-10-26 16:13 UTC by martijn at openbsd dot org)


Pull Requests


 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sat Sep 21 09:01:27 2019 UTC