Fix #79413: session_create_id() fails for active sessions
authorChristoph M. Becker <cmbecker69@gmx.de>
Thu, 26 Mar 2020 18:01:33 +0000 (19:01 +0100)
committerChristoph M. Becker <cmbecker69@gmx.de>
Tue, 31 Mar 2020 06:38:23 +0000 (08:38 +0200)
The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the
function is supposed to return `SUCCESS` if the session already exists.
So to detect a collision, we have to check for `SUCCESS`, not
`FAILURE`.

We also fix the wrong condition in session_regenerate_id().

NEWS
ext/session/session.c
ext/session/tests/bug79091.phpt
ext/session/tests/bug79413.phpt [new file with mode: 0644]

diff --git a/NEWS b/NEWS
index 2a8a0da2af566f9224b6aea7d3412d52351ea881..454fedc86c02bd8bf38ad61737524fd9a0b4bbaa 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -20,6 +20,9 @@ PHP                                                                        NEWS
   . Fixed bug #79412 (Opcache chokes and uses 100% CPU on specific script).
     (Dmitry)
 
+- Session:
+  . Fixed bug #79413 (session_create_id() fails for active sessions). (cmb)
+
 - Shmop:
   . Fixed bug #79427 (Integer Overflow in shmop_open()). (cmb)
 
index 078b3f0b3ce85cbd062cd1430b3621c337993b71..52b9da31808de8b6f20e830a97f4170c9bc4efaf 100644 (file)
@@ -2223,7 +2223,7 @@ static PHP_FUNCTION(session_regenerate_id)
                RETURN_FALSE;
        }
        if (PS(use_strict_mode) && PS(mod)->s_validate_sid &&
-               PS(mod)->s_validate_sid(&PS(mod_data), PS(id)) == FAILURE) {
+               PS(mod)->s_validate_sid(&PS(mod_data), PS(id)) == SUCCESS) {
                zend_string_release_ex(PS(id), 0);
                PS(id) = PS(mod)->s_create_sid(&PS(mod_data));
                if (!PS(id)) {
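Review bot: After a collision is detected in session_regenerate_id(), the id returned by the second `s_create_sid()` call is not passed through `s_validate_sid()` again in the lines shown, so a second collision would be accepted even with `use_strict_mode` on, and the request would end up bound to an id that already names another session. session_create_id() in the next hunk retries with `continue`; the same bounded retry would fit here, unless the rest of the function (which continues outside this hunk) already re-checks. Because the return convention was misread once already, a comment above the condition would help in both hunks, e.g. `/* s_validate_sid() returns SUCCESS when the id already exists, i.e. a collision */`.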
@@ -2285,7 +2285,7 @@ static PHP_FUNCTION(session_create_id)
                                break;
                        } else {
                                /* Detect collision and retry */
-                               if (PS(mod)->s_validate_sid(&PS(mod_data), new_id) == FAILURE) {
+                               if (PS(mod)->s_validate_sid(&PS(mod_data), new_id) == SUCCESS) {
                                        zend_string_release_ex(new_id, 0);
                     new_id = NULL;
                                        continue;
index 1d14427159aca7c61ded490b7a32d0104e23f6d7..4d60e698729ec35f48ba9bd1c3fb144cfd0e7a4c 100644 (file)
@@ -50,7 +50,7 @@ class MySessionHandler implements SessionHandlerInterface, SessionIdInterface, S
 
     public function validateId($key)
     {
-        return false;
+        return true;
     }
 }
 
diff --git a/ext/session/tests/bug79413.phpt b/ext/session/tests/bug79413.phpt
new file mode 100644 (file)
index 0000000..756b29f
--- /dev/null
@@ -0,0 +1,15 @@
+--TEST--
+Bug #79413 (session_create_id() fails for active sessions)
+--SKIPIF--
+<?php
+if (!extension_loaded('session')) die('skip session extension not available');
+?>
+--FILE--
+<?php
+session_start();
+$old = session_id();
+$new = session_create_id();
+var_dump($new !== $old);
+?>
+--EXPECT--
+bool(true)
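Review bot: `var_dump($new !== $old)` also prints `bool(true)` when session_create_id() returns `false`, so the assertion itself does not pin the fixed behaviour; the test then depends on the failure warning showing up in the output to break the `--EXPECT--` match. Checking the type as well makes the intent explicit: `var_dump(is_string($new) && $new !== $old);`. The script also leaves the started session in place; a `session_destroy();` before the closing tag would presumably keep the save path clean for other tests.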