authorMark A. Hershberger <mah@debian.(none)>2009-03-25 00:35:28 -0400
committerMark A. Hershberger <mah@debian.(none)>2009-03-25 00:35:28 -0400
commitba50031707469046407a35b77a3cd81351e951b3 (patch)
tree5c03e723bdbfabae09d41a3ab1253dff41eeed4a /ext/session
parent0a36161e13484a99ccf69bb38f206462d27cc6d6 (diff)
downloadphp-upstream/5.1.5.tar.gz
Imported Upstream version 5.1.5upstream/5.1.5
Diffstat (limited to 'ext/session')
-rw-r--r--ext/session/mod_files.c10
-rw-r--r--ext/session/php_session.h8
-rw-r--r--ext/session/session.c18
-rw-r--r--ext/session/tests/bug36459.phpt41
4 files changed, 64 insertions, 13 deletions
diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index 9943c50ad..89f072f53 100644
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mod_files.c,v 1.100.2.2 2006/01/01 12:50:12 sniper Exp $ */
+/* $Id: mod_files.c,v 1.100.2.3 2006/04/18 00:31:45 iliaa Exp $ */
#include "php.h"
@@ -397,10 +397,12 @@ PS_DESTROY_FUNC(files)
if (!ps_files_path_create(buf, sizeof(buf), data, key))
return FAILURE;
- ps_files_close(data);
+ if (data->fd != -1) {
+ ps_files_close(data);
- if (VCWD_UNLINK(buf) == -1) {
- return FAILURE;
+ if (VCWD_UNLINK(buf) == -1) {
+ return FAILURE;
+ }
}
return SUCCESS;
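Review bot: With the new `if (data->fd != -1)` guard, a destroy call made while no descriptor is open skips `VCWD_UNLINK(buf)` and still returns SUCCESS. A session file that already exists on disk for this key would then survive the destroy until garbage collection removes it. If the aim is only to tolerate a file that was never written, consider keeping the close and unlink unconditional and accepting a missing file, e.g. `if (VCWD_UNLINK(buf) == -1 && errno != ENOENT) return FAILURE;`. Whether `fd` can be -1 while the file exists depends on code outside this hunk, and PS_DESTROY_FUNC(files) begins above it.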
diff --git a/ext/session/php_session.h b/ext/session/php_session.h
index 6b6dc7bf3..6e13d5415 100644
--- a/ext/session/php_session.h
+++ b/ext/session/php_session.h
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_session.h,v 1.101.2.1 2006/01/01 12:50:12 sniper Exp $ */
+/* $Id: php_session.h,v 1.101.2.2 2006/01/28 06:14:49 fmk Exp $ */
#ifndef PHP_SESSION_H
#define PHP_SESSION_H
@@ -184,9 +184,9 @@ typedef struct ps_serializer_struct {
PHPAPI void session_adapt_url(const char *, size_t, char **, size_t * TSRMLS_DC);
-void php_add_session_var(char *name, size_t namelen TSRMLS_DC);
-void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC);
-int php_get_session_var(char *name, size_t namelen, zval ***state_var TSRMLS_DC);
+PHPAPI void php_add_session_var(char *name, size_t namelen TSRMLS_DC);
+PHPAPI void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC);
+PHPAPI int php_get_session_var(char *name, size_t namelen, zval ***state_var TSRMLS_DC);
PHPAPI int php_session_register_module(ps_module *);
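Review bot: The three prototypes that gain `PHPAPI` here become callable from other extensions, but nothing states their contract. They write into and read from session state, so callers need to know whether `namelen` counts the terminator, who owns `state_val`, and what the `int` result means. A short comment above each would cover it, for example `/* Returns SUCCESS or FAILURE; on SUCCESS *state_var refers to the stored value (ownership to be confirmed). */` on `php_get_session_var`. The matching definitions in session.c get the same `PHPAPI` change and would carry the same comments.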
diff --git a/ext/session/session.c b/ext/session/session.c
index f90f25b1a..b9c6a2201 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: session.c,v 1.417.2.5 2006/01/01 12:50:12 sniper Exp $ */
+/* $Id: session.c,v 1.417.2.8 2006/02/10 07:39:13 rasmus Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -277,7 +277,7 @@ typedef struct {
#define MAX_STR 512
-void php_add_session_var(char *name, size_t namelen TSRMLS_DC)
+PHPAPI void php_add_session_var(char *name, size_t namelen TSRMLS_DC)
{
zval **sym_track = NULL;
@@ -318,7 +318,7 @@ void php_add_session_var(char *name, size_t namelen TSRMLS_DC)
}
}
-void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC)
+PHPAPI void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC)
{
if (PG(register_globals)) {
zval **old_symbol;
@@ -358,7 +358,7 @@ void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unseri
}
}
-int php_get_session_var(char *name, size_t namelen, zval ***state_var TSRMLS_DC)
+PHPAPI int php_get_session_var(char *name, size_t namelen, zval ***state_var TSRMLS_DC)
{
int ret = FAILURE;
@@ -741,6 +741,12 @@ static void php_session_initialize(TSRMLS_D)
char *val;
int vallen;
+ /* check session name for invalid characters */
+ if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\")) {
+ efree(PS(id));
+ PS(id) = NULL;
+ }
+
if (!PS(mod)) {
php_error_docref(NULL TSRMLS_CC, E_ERROR, "No storage module chosen - failed to initialize session.");
return;
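Review bot: The added comment says "session name", but the check runs on `PS(id)`, the session id; it should read `/* check session id for invalid characters */`. The `strpbrk` test is a denylist, so any byte not listed (other control characters, `;`, `&`, `%`, `/`) still passes into whatever consumes the id later, which this commit's own test shows includes rewritten URLs. An allowlist is the tighter form, along the lines of `if (PS(id) && PS(id)[strspn(PS(id), ALLOWED_ID_CHARS)] != '\0')`, where `ALLOWED_ID_CHARS` is a placeholder. The right character set depends on what the storage modules generate, which is not visible here. The id is also discarded silently, so a rejected id leaves no trace for anyone investigating injection attempts; a notice-level log entry would help. php_session_initialize continues past the end of this hunk.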
@@ -1082,8 +1088,9 @@ static void php_session_reset_id(TSRMLS_D)
{
int module_number = PS(module_number);
- if (PS(use_cookies)) {
+ if (PS(use_cookies) && PS(send_cookie)) {
php_session_send_cookie(TSRMLS_C);
+ PS(send_cookie) = 0;
}
/* if the SID constant exists, destroy it. */
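Review bot: `PS(send_cookie) = 0;` is cleared right after `php_session_send_cookie(TSRMLS_C);` with no check that the cookie was actually emitted. If that call can decline to send (for instance once headers are out, which is not visible in this hunk), the flag is lost. The id set in the session_regenerate_id hunk would then never reach the client by cookie. Consider clearing the flag only on a confirmed send, or at least documenting the one-shot behaviour with `/* send_cookie is consumed here even if the cookie could not be sent */`. php_session_reset_id continues below this hunk.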
@@ -1479,6 +1486,7 @@ PHP_FUNCTION(session_regenerate_id)
PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC);
+ PS(send_cookie) = 1;
php_session_reset_id(TSRMLS_C);
RETURN_TRUE;
diff --git a/ext/session/tests/bug36459.phpt b/ext/session/tests/bug36459.phpt
new file mode 100644
index 000000000..26ff8684f
--- /dev/null
+++ b/ext/session/tests/bug36459.phpt
@@ -0,0 +1,41 @@
+--TEST--
+bug #31454 (Incorrect adding PHPSESSID to links, which contains \r\n)
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--INI--
+session.use_trans_sid=1
+session.use_cookies=0
+session.name=sid
+--FILE--
+<?php
+error_reporting(E_ALL);
+
+session_start();
+
+# Do not remove \r from this tests, they are essential!
+?>
+<html>
+ <head>
+ <title>Bug #36459 Incorrect adding PHPSESSID to links, which contains \r\n</title>
+ </head>
+ <body>
+ <p>See source html code</p>
+ <a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2"
+ style="font: normal 11pt Times New Roman">incorrect link</a><br />
+ <br />
+ <a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2" style="font: normal 11pt Times New Roman">correct link</a>
+ </body>
+</html>
+--EXPECTF--
+<html>
+ <head>
+ <title>Bug #36459 Incorrect adding PHPSESSID to links, which contains \r\n</title>
+ </head>
+ <body>
+ <p>See source html code</p>
+ <a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2&sid=%s"
+ style="font: normal 11pt Times New Roman">incorrect link</a><br />
+ <br />
+ <a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2&sid=%s" style="font: normal 11pt Times New Roman">correct link</a>
+ </body>
+</html>
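Review bot: The `--TEST--` line names bug #31454, while the file name and both `<title>` elements say #36459; it should probably read `bug #36459 (Incorrect adding PHPSESSID to links, which contains \r\n)` so the test can be found from the tracker id. The test also covers only URL rewriting across a line break in the tag. Nothing here exercises the session id character check this commit adds in session.c, so a request carrying an id with `\r`, `\n` or a quote character has no regression coverage.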