From: Yasuo Ohgaki Date: Tue, 12 Jan 2016 10:52:54 +0000 (+0900) Subject: Merge branch 'PHP-5.6' into PHP-7.0 X-Git-Tag: php-7.0.3RC1~30 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=224aaf94;p=php Merge branch 'PHP-5.6' into PHP-7.0 * PHP-5.6: Fixed Bug #71038 session_start() returns TRUE on failure --- 224aaf94af8f06a241d023bf58533dc6db6d9d1f diff --cc ext/session/session.c index 52ba7e300a,dae1d8ae53..f5a399b75f --- a/ext/session/session.c +++ b/ext/session/session.c @@@ -94,14 -86,12 +94,15 @@@ zend_class_entry *php_session_update_ti return FAILURE; \ } -static void php_session_send_cookie(TSRMLS_D); -static void php_session_abort(TSRMLS_D); +#define APPLY_TRANS_SID (PS(use_trans_sid) && !PS(use_only_cookies)) + +static void php_session_send_cookie(void); ++static void php_session_abort(void); /* Dispatched by RINIT and by php_session_destroy */ -static inline void php_rinit_session_globals(TSRMLS_D) /* {{{ */ +static inline void php_rinit_session_globals(void) /* {{{ */ { + /* Do NOT init PS(mod_user_names) here! */ PS(id) = NULL; PS(session_status) = php_session_none; PS(mod_data) = NULL; @@@ -499,72 -491,71 +500,76 @@@ static void php_session_gc(void) /* {{ } /* }}} */ -static void php_session_initialize(TSRMLS_D) /* {{{ */ +static void php_session_initialize(void) /* {{{ */ { - char *val = NULL; - int vallen; + zend_string *val = NULL; + PS(session_status) = php_session_active; + if (!PS(mod)) { + PS(session_status) = php_session_disabled; - php_error_docref(NULL TSRMLS_CC, E_ERROR, "No storage module chosen - failed to initialize session"); + php_error_docref(NULL, E_ERROR, "No storage module chosen - failed to initialize session"); return; } /* Open session handler first */ - if (PS(mod)->s_open(&PS(mod_data), PS(save_path), PS(session_name) TSRMLS_CC) == FAILURE) { - php_session_abort(TSRMLS_C); - php_error_docref(NULL TSRMLS_CC, E_ERROR, "Failed to initialize storage module: %s (path: %s)", PS(mod)->s_name, PS(save_path)); + if (PS(mod)->s_open(&PS(mod_data), PS(save_path), PS(session_name)) == FAILURE + /* || PS(mod_data) == NULL */ /* FIXME: open must set valid PS(mod_data) with success */ + ) { ++ php_session_abort(); + php_error_docref(NULL, E_ERROR, "Failed to initialize storage module: %s (path: %s)", PS(mod)->s_name, PS(save_path)); return; } /* If there is no ID, use session module to create one */ if (!PS(id)) { - PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC); + PS(id) = PS(mod)->s_create_sid(&PS(mod_data)); if (!PS(id)) { - php_session_abort(TSRMLS_C); - php_error_docref(NULL TSRMLS_CC, E_ERROR, "Failed to create session ID: %s (path: %s)", PS(mod)->s_name, PS(save_path)); ++ php_session_abort(); + php_error_docref(NULL, E_ERROR, "Failed to create session ID: %s (path: %s)", PS(mod)->s_name, PS(save_path)); return; } if (PS(use_cookies)) { PS(send_cookie) = 1; } + } else if (PS(use_strict_mode) && PS(mod)->s_validate_sid && + PS(mod)->s_validate_sid(&PS(mod_data), PS(id)) == FAILURE) { + if (PS(id)) { + zend_string_release(PS(id)); + } + PS(id) = PS(mod)->s_create_sid(&PS(mod_data)); + if (!PS(id)) { + PS(id) = php_session_create_id(NULL); + } + if (PS(use_cookies)) { + PS(send_cookie) = 1; + } } - /* Set session ID for compatibility for older/3rd party save handlers */ - if (!PS(use_strict_mode)) { - php_session_reset_id(TSRMLS_C); - } + php_session_reset_id(); - PS(session_status) = php_session_active; /* GC must be done before read */ - php_session_gc(TSRMLS_C); + php_session_gc(); /* Read data */ - php_session_track_init(TSRMLS_C); - if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) == FAILURE) { - /* php_session_abort(TSRMLS_C); */ + php_session_track_init(); + if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, PS(gc_maxlifetime)) == FAILURE) { ++ php_session_abort(); /* Some broken save handler implementation returns FAILURE for non-existent session ID */ /* It's better to raise error for this, but disabled error for better compatibility */ - /* - php_error_docref(NULL, E_NOTICE, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path)); - */ - /* php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path)); */ - /* return; */ ++ php_error_docref(NULL, E_WARNING, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path)); ++ return; } - /* Set session ID if session read didn't activated session */ - if (PS(use_strict_mode) && PS(session_status) == php_session_none) { - php_session_reset_id(TSRMLS_C); - PS(session_status) = php_session_active; + if (PS(session_vars)) { + zend_string_release(PS(session_vars)); + PS(session_vars) = NULL; } if (val) { - php_session_decode(val, vallen TSRMLS_CC); - str_efree(val); - } - - if (!PS(use_cookies) && PS(send_cookie)) { - if (PS(use_trans_sid) && !PS(use_only_cookies)) { - PS(apply_trans_sid) = 1; + if (PS(lazy_write)) { + PS(session_vars) = zend_string_copy(val); } - PS(send_cookie) = 0; + php_session_decode(val); + zend_string_release(val); } } /* }}} */ @@@ -1288,15 -1285,17 +1293,17 @@@ static int php_session_cache_limiter(vo php_session_cache_limiter_t *lim; if (PS(cache_limiter)[0] == '\0') return 0; + if (PS(session_status) != php_session_active) return -1; if (SG(headers_sent)) { - const char *output_start_filename = php_output_get_start_filename(TSRMLS_C); - int output_start_lineno = php_output_get_start_lineno(TSRMLS_C); + const char *output_start_filename = php_output_get_start_filename(); + int output_start_lineno = php_output_get_start_lineno(); - PS(session_status) = php_session_none; ++ php_session_abort(); if (output_start_filename) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cache limiter - headers already sent (output started at %s:%d)", output_start_filename, output_start_lineno); + php_error_docref(NULL, E_WARNING, "Cannot send session cache limiter - headers already sent (output started at %s:%d)", output_start_filename, output_start_lineno); } else { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cache limiter - headers already sent"); + php_error_docref(NULL, E_WARNING, "Cannot send session cache limiter - headers already sent"); } return -2; } diff --cc ext/session/tests/016.phpt index 82a85d2705,82a85d2705..f23605eb47 --- a/ext/session/tests/016.phpt +++ b/ext/session/tests/016.phpt @@@ -22,5 -22,5 +22,5 @@@ session_write_close() print "I live\n"; ?> --EXPECTF-- --Warning: session_write_close(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (123;:/really%scompletely:::/invalid;;,23123;213) in %s on line %d ++Warning: session_start(): Failed to read session data: files (path: 123;:/really%scompletely:::/invalid;;,23123;213) in %s on line %d I live diff --cc ext/session/tests/bug71186.phpt index 0000000000,0000000000..5eeba6035f new file mode 100644 --- /dev/null +++ b/ext/session/tests/bug71186.phpt @@@ -1,0 -1,0 +1,32 @@@ ++--TEST-- ++Bug #71186 session.hash_function - algorithm changes ++--SKIPIF-- ++ ++--INI-- ++session.hash_function=sha512 ++session.save_handler=files ++--FILE-- ++ ++--EXPECT-- ++int(128) ++int(128) ++int(40) ++int(40) diff --cc ext/session/tests/rfc1867_sid_invalid.phpt index 4dd8f1f979,4dd8f1f979..a9114e3e1d --- a/ext/session/tests/rfc1867_sid_invalid.phpt +++ b/ext/session/tests/rfc1867_sid_invalid.phpt @@@ -47,13 -47,13 +47,13 @@@ session_destroy() --EXPECTF-- Warning: Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0 --Warning: Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0 ++Warning: Unknown: Failed to read session data: files (path: ) in Unknown on line 0 Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0 Warning: Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0 --Warning: Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0 ++Warning: Unknown: Failed to read session data: files (path: ) in Unknown on line 0 Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0 string(%d) "%s" diff --cc ext/session/tests/session_save_path_variation2.phpt index 4cf44b75a4,4cf44b75a4..60675aec3c --- a/ext/session/tests/session_save_path_variation2.phpt +++ b/ext/session/tests/session_save_path_variation2.phpt @@@ -33,8 -33,8 +33,12 @@@ ob_end_flush() string(5) "/blah" Warning: session_start(): open(%sblah%e%s, O_RDWR) failed: No such file or directory (2) in %s on line %d --bool(true) ++ ++Warning: session_start(): Failed to read session data: files (path: %sblah) in %s on line %d ++bool(false) string(5) "/blah" --bool(true) ++ ++Warning: session_destroy(): Trying to destroy uninitialized session in %s on line %d ++bool(false) string(5) "/blah" Done diff --cc ext/session/tests/session_save_path_variation3.phpt index b064f30183,b064f30183..1d290d95b3 --- a/ext/session/tests/session_save_path_variation3.phpt +++ b/ext/session/tests/session_save_path_variation3.phpt @@@ -33,8 -33,8 +33,12 @@@ ob_end_flush() string(5) "/blah" Warning: session_start(): open(%s, O_RDWR) failed: No such file or directory (2) in %s on line %d --bool(true) ++ ++Warning: session_start(): Failed to read session data: files (path: %sblah) in %s on line %d ++bool(false) string(5) "/blah" --bool(true) ++ ++Warning: session_destroy(): Trying to destroy uninitialized session in %s on line %d ++bool(false) string(5) "/blah" Done diff --cc ext/session/tests/session_set_save_handler_class_002.phpt index b75a7e6390,6fb831f695..880bc33425 --- a/ext/session/tests/session_set_save_handler_class_002.phpt +++ b/ext/session/tests/session_set_save_handler_class_002.phpt @@@ -34,7 -34,7 +34,7 @@@ class MySession2 extends SessionHandle } public function read($id) { -- return @file_get_contents($this->path . $id); ++ return (string)@file_get_contents($this->path . $id); } public function write($id, $data) { diff --cc ext/session/tests/session_set_save_handler_class_005.phpt index 5be735306a,c74c81de1d..1b8c1ce645 --- a/ext/session/tests/session_set_save_handler_class_005.phpt +++ b/ext/session/tests/session_set_save_handler_class_005.phpt @@@ -33,7 -33,7 +33,7 @@@ class MySession6 extends SessionHandle $handler = new MySession6; session_set_save_handler($handler); --session_start(); ++var_dump(session_start()); var_dump(session_id(), ini_get('session.save_handler'), $_SESSION); @@@ -45,13 -45,11 +45,12 @@@ session_unset() *** Testing session_set_save_handler() : incomplete implementation *** Warning: SessionHandler::read(): Parent session handler is not open in %ssession_set_save_handler_class_005.php on line %d ++ ++Warning: SessionHandler::close(): Parent session handler is not open in %ssession_set_save_handler_class_005.php on line %d ++ ++Warning: session_start(): Failed to read session data: user (%s) in %ssession_set_save_handler_class_005.php on line %d ++bool(false) string(%d) "%s" string(4) "user" array(0) { } -- --Warning: SessionHandler::write(): Parent session handler is not open in %ssession_set_save_handler_class_005.php on line %d - - Warning: session_write_close(): Failed to write session data %s in %ssession_set_save_handler_class_005.php on line %d -- --Warning: SessionHandler::close(): Parent session handler is not open in %ssession_set_save_handler_class_005.php on line %d diff --cc ext/session/tests/session_set_save_handler_class_012.phpt index 91e751bdfc,3899d28816..0ce03f865e --- a/ext/session/tests/session_set_save_handler_class_012.phpt +++ b/ext/session/tests/session_set_save_handler_class_012.phpt @@@ -38,7 -36,7 +38,7 @@@ class MySession extends SessionHandler $oldHandler = ini_get('session.save_handler'); $handler = new MySession; session_set_save_handler($handler); --session_start(); ++var_dump(session_start()); var_dump(session_id(), $oldHandler, ini_get('session.save_handler'), $handler->i, $_SESSION); @@@ -50,15 -48,13 +50,14 @@@ Warning: SessionHandler::open() expect Read %s Warning: SessionHandler::read(): Parent session handler is not open in %s on line %d ++ ++Warning: SessionHandler::close(): Parent session handler is not open in %s on line %d ++ ++Warning: session_start(): Failed to read session data: user (%s) in %s on line %d ++bool(false) string(%d) "%s" string(5) "files" string(4) "user" int(2) array(0) { } - - Warning: SessionHandler::write(): Parent session handler is not open in Unknown on line 0 -- - Warning: session_write_close(): Failed to write session data %s in %s on line %d -Warning: Unknown: Parent session handler is not open in Unknown on line 0 -- - Warning: SessionHandler::close(): Parent session handler is not open in Unknown on line 0 -Warning: Unknown: Parent session handler is not open in Unknown on line 0 diff --cc ext/session/tests/session_set_save_handler_class_016.phpt index 521bd86f31,2de03c0682..4095813c9d --- a/ext/session/tests/session_set_save_handler_class_016.phpt +++ b/ext/session/tests/session_set_save_handler_class_016.phpt @@@ -10,10 -10,10 +10,10 @@@ session.name=PHPSESSI ob_start(); --/* ++/* * Prototype : bool session_set_save_handler(SessionHandlerInterface $handler [, bool $register_shutdown_function = true]) * Description : Sets user-level session storage functions -- * Source code : ext/session/session.c ++ * Source code : ext/session/session.c */ echo "*** Testing session_set_save_handler() function: class with create_sid ***\n"; @@@ -34,7 -34,7 +34,7 @@@ class MySession2 extends SessionHandle } public function read($id) { -- return @file_get_contents($this->path . $id); ++ return (string)@file_get_contents($this->path . $id); } public function write($id, $data) { diff --cc ext/session/tests/session_set_save_handler_class_017.phpt index 6f42d7809a,756dc55d03..b8e7d7a7ad --- a/ext/session/tests/session_set_save_handler_class_017.phpt +++ b/ext/session/tests/session_set_save_handler_class_017.phpt @@@ -34,7 -34,7 +34,7 @@@ class MySession2 extends SessionHandle } public function read($id) { -- return @file_get_contents($this->path . $id); ++ return (string)@file_get_contents($this->path . $id); } public function write($id, $data) { diff --cc ext/session/tests/session_set_save_handler_error4.phpt index be3429b084,d286f07d99..4267195ee1 --- a/ext/session/tests/session_set_save_handler_error4.phpt +++ b/ext/session/tests/session_set_save_handler_error4.phpt @@@ -24,7 -24,7 +24,7 @@@ session_set_save_handler("callback", "c session_set_save_handler("callback", "callback", "callback", "callback", "echo", "callback"); session_set_save_handler("callback", "callback", "callback", "callback", "callback", "echo"); session_set_save_handler("callback", "callback", "callback", "callback", "callback", "callback"); --session_start(); ++var_dump(session_start()); ob_end_flush(); ?> --EXPECTF-- @@@ -39,3 -39,3 +39,6 @@@ Warning: session_set_save_handler(): Ar Warning: session_set_save_handler(): Argument 5 is not a valid callback in %s on line %d Warning: session_set_save_handler(): Argument 6 is not a valid callback in %s on line %d ++ ++Warning: session_start(): Failed to read session data: user (%s) in %s on line %d ++bool(false) diff --cc ext/session/tests/session_set_save_handler_iface_001.phpt index 03ee42865c,39a4b9975b..6943d59cbe --- a/ext/session/tests/session_set_save_handler_iface_001.phpt +++ b/ext/session/tests/session_set_save_handler_iface_001.phpt @@@ -34,7 -34,7 +34,7 @@@ class MySession2 implements SessionHand } public function read($id) { -- return @file_get_contents($this->path . $id); ++ return (string)@file_get_contents($this->path . $id); } public function write($id, $data) { diff --cc ext/session/tests/session_set_save_handler_iface_002.phpt index 40c9ac6825,40c9ac6825..204d88c785 --- a/ext/session/tests/session_set_save_handler_iface_002.phpt +++ b/ext/session/tests/session_set_save_handler_iface_002.phpt @@@ -43,7 -43,7 +43,7 @@@ class MySession2 implements MySessionHa } public function read($id) { -- return @file_get_contents($this->path . $id); ++ return (string)@file_get_contents($this->path . $id); } public function write($id, $data) {