Patch session_read_check for Session related Bug #73394
Patch version 2016-10-26 16:13 UTC
Return to Bug #73394 |
Download this patch
Patch Revisions:
Developer: martijn@openbsd.org
--- ./ext/session/session.c.orig Thu Oct 13 16:04:27 2016
+++ ./ext/session/session.c Wed Oct 26 17:04:46 2016
@@ -538,19 +538,16 @@
PS(send_cookie) = 1;
}
}
+ if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, PS(gc_maxlifetime)) == FAILURE) {
+ php_error_docref(NULL, E_ERROR, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path));
+ return;
+ }
php_session_reset_id();
PS(session_status) = php_session_active;
/* Read data */
php_session_track_init();
- if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, PS(gc_maxlifetime)) == FAILURE) {
- /* Some broken save handler implementation returns FAILURE for non-existent session ID */
- /* It's better to raise error for this, but disabled error for better compatibility */
- /*
- php_error_docref(NULL, E_NOTICE, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path));
- */
- }
/* GC must be done after read */
php_session_gc();
|