Fixed bug #71394 (session_regenerate_id() must close opened session on errors)

diff --git a/NEWS b/NEWS
index 3326ff411e6cbf8862b68af9a23391edd9e02417..d18dada1588467ea673c34e8a5f725657c0ac89c 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -50,6 +50,8 @@ PHP                                                                        NEWS
     Session save handlers must return 'string' always for successful read.
     i.e. Non-existing session read must return empty string. PHP 7.0 is made
     not to tolerate buggy return value. (Yasuo)
+  . Fixed bug #71394 (session_regenerate_id() must close opened session on errors).
+    (Yasuo)
 
 - Standard:
   . Fixed bug #71287 (Error message contains hexadecimal instead of decimal

diff --git a/ext/session/session.c b/ext/session/session.c
index 0ff8600de46e2b3bc1d0d90d946408b827fc0722..8427f852bcfeedadb7a6670f21249a4b05890228 100644 (file)
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -2113,6 +2113,7 @@ static PHP_FUNCTION(session_regenerate_id)
                zend_string_release(PS(id));
                PS(id) = PS(mod)->s_create_sid(&PS(mod_data));
                if (!PS(id)) {
+                       PS(mod)->s_close(&PS(mod_data));
                        PS(session_status) = php_session_none;
                        php_error_docref(NULL, E_RECOVERABLE_ERROR, "Failed to create session ID by collision: %s (path: %s)", PS(mod)->s_name, PS(save_path));
                        RETURN_FALSE;
@@ -2120,6 +2121,7 @@ static PHP_FUNCTION(session_regenerate_id)
        }
        /* Read is required to make new session data at this point. */
        if (PS(mod)->s_read(&PS(mod_data), PS(id), &data, PS(gc_maxlifetime)) == FAILURE) {
+               PS(mod)->s_close(&PS(mod_data));
                PS(session_status) = php_session_none;
                php_error_docref(NULL, E_RECOVERABLE_ERROR, "Failed to create(read) session ID: %s (path: %s)", PS(mod)->s_name, PS(save_path));
                RETURN_FALSE;