Fixed bug #70876 Segmentation fault when regenerating session id with strict mode

The comment *mod_data always be non-NULL is not true.
The same as this FIXME: https://github.com/php/php-src/blob/master/ext/session/mod_files.c#L676

diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index 8301b73f5ee3edce422e66f4f53cf08842c0da55..933df93ca87b1dd45082863abc79e6126f218c12 100644 (file)
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -702,6 +702,10 @@ PS_VALIDATE_SID_FUNC(files)
 {
        PS_FILES_DATA;
 
+       if (!data) {
+               return FAILURE;
+       }
+
        return ps_files_key_exists(data, ZSTR_VAL(key));
 }
 

diff --git a/ext/session/tests/bug70876.phpt b/ext/session/tests/bug70876.phpt
new file mode 100644 (file)
index 0000000..33e0323
--- /dev/null
+++ b/ext/session/tests/bug70876.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #70876 Segmentation fault when regenerating session id with strict mode
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--INI--
+html_errors=0
+session.save_handler=files
+--FILE--
+<?php
+ini_set('session.use_strict_mode', true);
+session_start();
+session_regenerate_id();
+
+echo "ok";
+?>
+--EXPECT--
+ok
\ No newline at end of file