]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4369785)
Fixed bug #29925 (Added a check to prevent illegal characters in session
authorIlia Alshanetsky <iliaa@php.net>
Thu, 2 Sep 2004 02:44:04 +0000 (02:44 +0000)
committerIlia Alshanetsky <iliaa@php.net>
Thu, 2 Sep 2004 02:44:04 +0000 (02:44 +0000)
key).

ext/session/session.c patch | blob | history

diff --git a/ext/session/session.c b/ext/session/session.c
index 0301108addd98b85e7601a79e761d0e6c97325d3..d263ac6d6e0bbd196667164a666597455b50c6b1 100644 (file)
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -451,6 +451,11 @@ PS_SERIALIZER_ENCODE_FUNC(php)
 
        PS_ENCODE_LOOP(
                        smart_str_appendl(&buf, key, (unsigned char) key_length);
+                       if (memchr(key, PS_DELIMITER, key_length)) {
+                               PHP_VAR_SERIALIZE_DESTROY(var_hash);
+                               smart_str_free(&buf);                           
+                               return FAILURE;
+                       }
                        smart_str_appendc(&buf, PS_DELIMITER);
                        
                        php_var_serialize(&buf, struc, &var_hash TSRMLS_CC);
Unnamed repository; edit this file 'description' to name the repository.