Strict session. Detect session id collision
authorYasuo Ohgaki <yohgaki@php.net>
Tue, 25 Jun 2013 11:09:10 +0000 (20:09 +0900)
committerStanislav Malyshev <stas@php.net>
Sun, 4 Aug 2013 23:36:53 +0000 (16:36 -0700)
ext/session/mod_files.c
ext/session/mod_mm.c

index e9dc25a4b8ab60b31bfb41202ae3acb1890b1c30..6beee097b25f08fba010ce9cfb422d8179fabab3 100644 (file)
@@ -459,9 +459,22 @@ PS_GC_FUNC(files)
 PS_CREATE_SID_FUNC(files)
 {
        char *sid;
+       int maxfail = 3;
        PS_FILES_DATA;
 
-       sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
+       do {
+               sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
+               /* Check collision */
+               if (ps_files_key_exists(data, sid TSRMLS_CC) == SUCCESS) {
+                       if (sid) {
+                               efree(sid);
+                               sid = NULL;
+                       }
+                       if (!(maxfail--)) {
+                               return NULL;
+                       }
+               }
+       } while(!sid);
 
        return sid;
 }
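Review bot: A NULL return from php_session_create_id() is not handled by the new loop, although the `if (sid)` guard inside the collision branch suggests one is considered possible. In that case NULL is passed to ps_files_key_exists() as the key, and if that call returns anything other than SUCCESS, `while(!sid)` retries without decrementing `maxfail`, so a persistently failing generator would loop with no bound. Adding `if (!sid) { return NULL; }` directly after the create call restores the pre-commit behaviour for that case and reserves the retry budget for real collisions. Separately, `!(maxfail--)` with `maxfail = 3` gives up on the fourth collision rather than the third, and nothing is logged when it does, so repeated collisions (a sign of a weak or broken ID source) would be indistinguishable from an ordinary session-start failure. The same loop is added to PS_CREATE_SID_FUNC(mm) in ext/session/mod_mm.c and has the same gaps.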
index 7ca90833a67e0b81a8713c2c305a7041f2ed783e..69c0da7bdb9aa5341b63d11b378055b1d21d2203 100644 (file)
@@ -479,9 +479,22 @@ PS_GC_FUNC(mm)
 PS_CREATE_SID_FUNC(mm)
 {
        char *sid;
+       int maxfail = 3;
        PS_MM_DATA;
 
-       sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
+       do {
+               sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
+               /* Check collision */
+               if (ps_mm_key_exists(data, sid TSRMLS_CC) == SUCCESS) {
+                       if (sid) {
+                               efree(sid);
+                               sid = NULL;
+                       }
+                       if (!(maxfail--)) {
+                               return NULL;
+                       }
+               }
+       } while(!sid);
 
        return sid;
 }
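Review bot: This retry loop is a line-for-line copy of the one in PS_CREATE_SID_FUNC(files), differing only in the existence check, and the bound `3` is an unnamed literal in both places. A named constant shared by both save handlers would keep the two from drifting apart when the limit is tuned. The bare `/* Check collision */` could become `/* Regenerate on collision so a new session never reuses an ID that already has stored data; give up after a few tries */`, which records why the check exists. The check is also a separate step from the later creation of the entry, which is outside this hunk, so it presumably narrows rather than closes the window in which two requests could pick the same ID. It is worth confirming that the write path refuses to reuse an existing key for a newly created session.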