From: Reeze Xia <reeze@php.net>
Date: Sat, 7 Nov 2015 13:46:21 +0000 (+0800)
Subject: Fixed bug #70876 Segmentation fault when regenerating session id with strict mode
X-Git-Tag: php-7.0.1RC1~139
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0bf3ebb4ba77f38261d9cb21a205a7d31b7f85cf;p=php

Fixed bug #70876 Segmentation fault when regenerating session id with strict mode

The comment *mod_data always be non-NULL is not true.
The same as this FIXME: https://github.com/php/php-src/blob/master/ext/session/mod_files.c#L676
---

diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index 8301b73f5e..933df93ca8 100644
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -702,6 +702,10 @@ PS_VALIDATE_SID_FUNC(files)
 {
 	PS_FILES_DATA;
 
+	if (!data) {
+		return FAILURE;
+	}
+
 	return ps_files_key_exists(data, ZSTR_VAL(key));
 }
 
diff --git a/ext/session/tests/bug70876.phpt b/ext/session/tests/bug70876.phpt
new file mode 100644
index 0000000000..33e0323b9f
--- /dev/null
+++ b/ext/session/tests/bug70876.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #70876 Segmentation fault when regenerating session id with strict mode
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--INI--
+html_errors=0
+session.save_handler=files
+--FILE--
+<?php
+ini_set('session.use_strict_mode', true);
+session_start();
+session_regenerate_id();
+
+echo "ok";
+?>
+--EXPECT--
+ok
\ No newline at end of file