From 82b0e8be99065b61b622df21bbc7494d2fbca3cd Mon Sep 17 00:00:00 2001
From: Yasuo Ohgaki <yohgaki@php.net>
Date: Tue, 25 Jun 2013 20:09:10 +0900
Subject: [PATCH] Strict session. Detect session id collision

---
 ext/session/mod_files.c | 15 ++++++++++++++-
 ext/session/mod_mm.c    | 15 ++++++++++++++-
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index e9dc25a4b8..6beee097b2 100644
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -459,9 +459,22 @@ PS_GC_FUNC(files)
 PS_CREATE_SID_FUNC(files)
 {
 	char *sid;
+	int maxfail = 3;
 	PS_FILES_DATA;
 
-	sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
+	do {
+		sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
+		/* Check collision */
+		if (ps_files_key_exists(data, sid TSRMLS_CC) == SUCCESS) {
+			if (sid) {
+				efree(sid);
+				sid = NULL;
+			}
+			if (!(maxfail--)) {
+				return NULL;
+			}
+		}
+	} while(!sid);
 
 	return sid;
 }
diff --git a/ext/session/mod_mm.c b/ext/session/mod_mm.c
index 7ca90833a6..69c0da7bdb 100644
--- a/ext/session/mod_mm.c
+++ b/ext/session/mod_mm.c
@@ -479,9 +479,22 @@ PS_GC_FUNC(mm)
 PS_CREATE_SID_FUNC(mm)
 {
 	char *sid;
+	int maxfail = 3;
 	PS_MM_DATA;
 
-	sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
+	do {
+		sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
+		/* Check collision */
+		if (ps_mm_key_exists(data, sid TSRMLS_CC) == SUCCESS) {
+			if (sid) {
+				efree(sid);
+				sid = NULL;
+			}
+			if (!(maxfail--)) {
+				return NULL;
+			}
+		}
+	} while(!sid);
 
 	return sid;
 }
-- 
2.50.1