diff options
| author | Stefan | 2010-02-21 16:33:24 +0100 |
|---|---|---|
| committer | Stefan | 2010-02-21 16:33:24 +0100 |
| commit | 91b338c3787713c8e26d5676e368b6ef34691b92 (patch) | |
| tree | 126f6aa63d57edd5eabbad02f46cdc965c1ad030 /session.c | |
| parent | 53fc7e8928ab98f2290e65fc0e61a577c8725d9f (diff) | |
Fixed PHP 5.3.x send_cookie crash
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 90 |
1 files changed, 83 insertions, 7 deletions
| @@ -135,7 +135,7 @@ typedef struct _php_ps_globals_50_51 { | |||
| 135 | int define_sid; | 135 | int define_sid; |
| 136 | } php_ps_globals_50_51; | 136 | } php_ps_globals_50_51; |
| 137 | 137 | ||
| 138 | typedef struct _php_ps_globals_52_60 { | 138 | typedef struct _php_ps_globals_52 { |
| 139 | char *save_path; | 139 | char *save_path; |
| 140 | char *session_name; | 140 | char *session_name; |
| 141 | char *id; | 141 | char *id; |
| @@ -171,13 +171,66 @@ typedef struct _php_ps_globals_52_60 { | |||
| 171 | int send_cookie; | 171 | int send_cookie; |
| 172 | int define_sid; | 172 | int define_sid; |
| 173 | zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */ | 173 | zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */ |
| 174 | } php_ps_globals_52_60; | 174 | } php_ps_globals_52; |
| 175 | 175 | ||
| 176 | typedef struct _php_ps_globals_53 { | ||
| 177 | char *save_path; | ||
| 178 | char *session_name; | ||
| 179 | char *id; | ||
| 180 | char *extern_referer_chk; | ||
| 181 | char *entropy_file; | ||
| 182 | char *cache_limiter; | ||
| 183 | long entropy_length; | ||
| 184 | long cookie_lifetime; | ||
| 185 | char *cookie_path; | ||
| 186 | char *cookie_domain; | ||
| 187 | zend_bool cookie_secure; | ||
| 188 | zend_bool cookie_httponly; | ||
| 189 | ps_module *mod; | ||
| 190 | void *mod_data; | ||
| 191 | php_session_status session_status; | ||
| 192 | long gc_probability; | ||
| 193 | long gc_divisor; | ||
| 194 | long gc_maxlifetime; | ||
| 195 | int module_number; | ||
| 196 | long cache_expire; | ||
| 197 | union { | ||
| 198 | zval *names[6]; | ||
| 199 | struct { | ||
| 200 | zval *ps_open; | ||
| 201 | zval *ps_close; | ||
| 202 | zval *ps_read; | ||
| 203 | zval *ps_write; | ||
| 204 | zval *ps_destroy; | ||
| 205 | zval *ps_gc; | ||
| 206 | } name; | ||
| 207 | } mod_user_names; | ||
| 208 | zend_bool bug_compat; /* Whether to behave like PHP 4.2 and earlier */ | ||
| 209 | zend_bool bug_compat_warn; /* Whether to warn about it */ | ||
| 210 | const struct ps_serializer_struct *serializer; | ||
| 211 | zval *http_session_vars; | ||
| 212 | zend_bool auto_start; | ||
| 213 | zend_bool use_cookies; | ||
| 214 | zend_bool use_only_cookies; | ||
| 215 | zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */ | ||
| 216 | zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */ | ||
| 217 | |||
| 218 | long hash_func; | ||
| 219 | #if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH) | ||
| 220 | php_hash_ops *hash_ops; | ||
| 221 | #endif | ||
| 222 | long hash_bits_per_character; | ||
| 223 | int send_cookie; | ||
| 224 | int define_sid; | ||
| 225 | zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */ | ||
| 226 | } php_ps_globals_53; | ||
| 176 | 227 | ||
| 177 | #ifdef ZTS | 228 | #ifdef ZTS |
| 178 | static ts_rsrc_id session_globals_id = 0; | 229 | static ts_rsrc_id session_globals_id = 0; |
| 179 | # if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2) | 230 | # if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3) |
| 180 | # define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_52_60 *, v) | 231 | # define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_53 *, v) |
| 232 | # elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2) | ||
| 233 | # define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_52 *, v) | ||
| 181 | # elif (PHP_MAJOR_VERSION == 5) | 234 | # elif (PHP_MAJOR_VERSION == 5) |
| 182 | # define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_50_51 *, v) | 235 | # define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_50_51 *, v) |
| 183 | # elif (PHP_MAJOR_VERSION == 4 && PHP_MINOR_VERSION >= 3) | 236 | # elif (PHP_MAJOR_VERSION == 4 && PHP_MINOR_VERSION >= 3) |
| @@ -186,8 +239,10 @@ static ts_rsrc_id session_globals_id = 0; | |||
| 186 | UNSUPPORTED PHP VERSION | 239 | UNSUPPORTED PHP VERSION |
| 187 | # endif | 240 | # endif |
| 188 | #else | 241 | #else |
| 189 | # if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2) | 242 | # if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3) |
| 190 | static php_ps_globals_52_60 *session_globals = NULL; | 243 | static php_ps_globals_53 *session_globals = NULL; |
| 244 | # elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2) | ||
| 245 | static php_ps_globals_52 *session_globals = NULL; | ||
| 191 | # elif (PHP_MAJOR_VERSION == 5) | 246 | # elif (PHP_MAJOR_VERSION == 5) |
| 192 | static php_ps_globals_50_51 *session_globals = NULL; | 247 | static php_ps_globals_50_51 *session_globals = NULL; |
| 193 | # elif (PHP_MAJOR_VERSION == 4 && PHP_MINOR_VERSION >= 3) | 248 | # elif (PHP_MAJOR_VERSION == 4 && PHP_MINOR_VERSION >= 3) |
| @@ -198,6 +253,27 @@ static php_ps_globals_43_44 *session_globals = NULL; | |||
| 198 | #define SESSION_G(v) (session_globals->v) | 253 | #define SESSION_G(v) (session_globals->v) |
| 199 | #endif | 254 | #endif |
| 200 | 255 | ||
| 256 | static void suhosin_send_cookie() | ||
| 257 | { | ||
| 258 | int * session_send_cookie = &SESSION_G(send_cookie); | ||
| 259 | char * base; | ||
| 260 | zend_ini_entry *ini_entry; | ||
| 261 | |||
| 262 | /* The following is requires to be 100% compatible to PHP | ||
| 263 | versions where the hash extension is not available by default */ | ||
| 264 | #if (PHP_MAJOR_VERSION >= 5 && PHP_MINOR_VERSION >= 3) | ||
| 265 | if (zend_hash_find(EG(ini_directives), "session.hash_bits_per_character", sizeof("session.hash_bits_per_character"), (void **) &ini_entry) == SUCCESS) { | ||
| 266 | #ifndef ZTS | ||
| 267 | base = (char *) ini_entry->mh_arg2; | ||
| 268 | #else | ||
| 269 | base = (char *) ts_resource(*((int *) ini_entry->mh_arg2)); | ||
| 270 | #endif | ||
| 271 | session_send_cookie = (int *) (base+(size_t) ini_entry->mh_arg1+sizeof(long)); | ||
| 272 | } | ||
| 273 | #endif | ||
| 274 | *session_send_cookie = 1; | ||
| 275 | } | ||
| 276 | |||
| 201 | void suhosin_get_ipv4(char *buf TSRMLS_DC) | 277 | void suhosin_get_ipv4(char *buf TSRMLS_DC) |
| 202 | { | 278 | { |
| 203 | char *raddr = sapi_getenv("REMOTE_ADDR", sizeof("REMOTE_ADDR")-1 TSRMLS_CC); | 279 | char *raddr = sapi_getenv("REMOTE_ADDR", sizeof("REMOTE_ADDR")-1 TSRMLS_CC); |
| @@ -472,7 +548,7 @@ static int suhosin_hook_s_read(void **mod_data, const char *key, char **val, int | |||
| 472 | regenerate: | 548 | regenerate: |
| 473 | SDEBUG("regenerating key is %s", key); | 549 | SDEBUG("regenerating key is %s", key); |
| 474 | KEY = SESSION_G(id) = SESSION_G(mod)->s_create_sid(&SESSION_G(mod_data), NULL TSRMLS_CC); | 550 | KEY = SESSION_G(id) = SESSION_G(mod)->s_create_sid(&SESSION_G(mod_data), NULL TSRMLS_CC); |
| 475 | SESSION_G(send_cookie) = 1; | 551 | suhosin_send_cookie(); |
| 476 | } else if (strlen(key) > SUHOSIN_G(session_max_id_length)) { | 552 | } else if (strlen(key) > SUHOSIN_G(session_max_id_length)) { |
| 477 | suhosin_log(S_SESSION, "session id ('%s') exceeds maximum length - regenerating", KEY); | 553 | suhosin_log(S_SESSION, "session id ('%s') exceeds maximum length - regenerating", KEY); |
| 478 | if (!SUHOSIN_G(simulation)) { | 554 | if (!SUHOSIN_G(simulation)) { |