php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Return to Bug #67694
Patch write-short-circuit-fix revision 2014-08-23 14:18 UTC by tyrael@php.net
revision 2014-08-23 07:15 UTC by tyrael@php.net

Patch write-short-circuit-fix for Session related Bug #67694

Patch version 2014-08-23 07:15 UTC

Return to Bug #67694 | Download this patch
This patch is obsolete

Obsoleted by patches:

Patch Revisions:

Developer: tyrael@php.net

diff --git a/ext/session/session.c b/ext/session/session.c
index d1a7a07..f7346ae 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -519,7 +519,7 @@ static void php_session_initialize(TSRMLS_D) /* {{{ */
                /* Store read data's MD5 hash */
                PHP_MD5Init(&context);
                PHP_MD5Update(&context, val, vallen);
-               PHP_MD5Final(PS(session_data_hash), &context);
+               PHP_MD5Final(sprintf("%s|%s", PS(id), PS(session_data_hash)), &context);

                php_session_decode(val, vallen TSRMLS_CC);
                str_efree(val);
@@ -553,7 +553,7 @@ static void php_session_save_current_state(TSRMLS_D) /* {{{ */
                                /* Generate data's MD5 hash */
                                PHP_MD5Init(&context);
                                PHP_MD5Update(&context, val, vallen);
-                               PHP_MD5Final(digest, &context);
+                               PHP_MD5Final(sprintf("%s|%s", PS(id), digest), &context);
                                /* Write only when save is required */
                                if (memcmp(digest, PS(session_data_hash), 16)) {
                                        ret = PS(mod)->s_write(&PS(mod_data), PS(id), val, vallen TSRMLS_CC);
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Nov 05 15:00:01 2025 UTC