protect http_session_vars from interrupt corruption

improve save_path check

diff --git a/ext/session/session.c b/ext/session/session.c
index 3a5d153cba4ca01f769e8adf9f5b771fe7a0906e..87fec64d6922abad2e561b6ec40ccb530bb86157 100644 (file)
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -693,11 +693,11 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */
                        p = new_value;
                }
 
-               if (PG(safe_mode) && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+               if (PG(safe_mode) && *p && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
                        return FAILURE;
                }
 
-               if (PG(open_basedir) && php_check_open_basedir(p TSRMLS_CC)) {
+               if (PG(open_basedir) && *p && php_check_open_basedir(p TSRMLS_CC)) {
                        return FAILURE;
                }
        }
@@ -1882,7 +1882,10 @@ static PHP_FUNCTION(session_unset)
        }
 
        IF_SESSION_VARS() {
-               HashTable *ht = Z_ARRVAL_P(PS(http_session_vars));
+               HashTable *ht;
+
+               SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars));
+               ht = Z_ARRVAL_P(PS(http_session_vars));
 
                if (PG(register_globals)) {
                        uint str_len;
@@ -1960,7 +1963,10 @@ static PHP_FUNCTION(session_unregister)
                return;
        }
 
-       PS_DEL_VARL(p_name, p_name_len);
+       IF_SESSION_VARS() {
+               SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars));
+               PS_DEL_VARL(Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name));
+       }
 
        RETURN_TRUE;
 }