2 files changed, 105 insertions, 3 deletions
diff --git a/session.c b/session.c
index 1045a93..e132c4c 100644
--- a/session.c
+++ b/session.c
@@ -728,7 +728,12 @@ static int suhosin_hook_s_read(void **mod_data, const char *key, char **val, int
    }*/
    
    /* protect dumb session handlers */
-    if (key == NULL || !key[0] || *mod_data == NULL) {
+    if (key == NULL || !key[0] || 
+                (*mod_data == NULL
+#if PHP_VERSION_ID >= 50400
+                && !SESSION_G(mod_user_implemented)
+#endif
+                )) {
 regenerate:
        SDEBUG("regenerating key is %s", key);
        KEY = SESSION_G(id) = SESSION_G(mod)->s_create_sid(&SESSION_G(mod_data), NULL TSRMLS_CC);
@@ -777,7 +782,12 @@ static int suhosin_hook_s_write(void **mod_data, const char *key, const char *va
    char *v = (char *)val;
    /* protect dumb session handlers */
-    if (key == NULL || !key[0] || val == NULL || strlen(key) > SUHOSIN_G(session_max_id_length) || *mod_data == NULL) {
+    if (key == NULL || !key[0] || val == NULL || strlen(key) > SUHOSIN_G(session_max_id_length) || 
+                (*mod_data == NULL
+#if PHP_VERSION_ID >= 50400
+                && !SESSION_G(mod_user_implemented)
+#endif
+                )) {
        r = FAILURE;
        goto return_write;
    }
@@ -820,7 +830,12 @@ static int suhosin_hook_s_destroy(void **mod_data, const char *key TSRMLS_DC)
    int r;
    /* protect dumb session handlers */
-    if (key == NULL || !key[0] || strlen(key) > SUHOSIN_G(session_max_id_length) || *mod_data == NULL) {
+    if (key == NULL || !key[0] || strlen(key) > SUHOSIN_G(session_max_id_length) || 
+                (*mod_data == NULL
+#if PHP_VERSION_ID >= 50400
+                && !SESSION_G(mod_user_implemented)
+#endif
+                )) {
        return FAILURE;
    }
    
diff --git a/tests/executor/user_session_handler.phpt b/tests/executor/user_session_handler.phpt
new file mode 100644
index 0000000..aa9d67c
--- /dev/null
+++ b/tests/executor/user_session_handler.phpt
@@ -0,0 +1,87 @@
+--TEST--
+Testing user session handler functions
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.syslog=0
+suhosin.log.script=0
+suhosin.log.sapi=2
+suhosin.session.encrypt=On
+session.save_path=SUHOSIN_TEST_CASE
+--FILE--
+<?php
+   
+$GLOBALS['test_array_session'] = array();
+$GLOBALS['msg'] = array();
+function sess_open($savePath, $sessionName)
+{
+        $GLOBALS['msg'][] = "open $savePath -> $sessionName";
+}
+function sess_close()
+{
+        $GLOBALS['msg'][] = "close";
+}
+function sess_read($id)
+{
+        $GLOBALS['msg'][] = "read $id";
+        return @$GLOBALS['test_array_session'][$id];
+}
+function sess_write($id, $data)
+{
+        $GLOBALS['msg'][] = "write $id - $data";
+        $GLOBALS['test_array_session'][$id] = $data;
+        return true;
+}
+function sess_destroy($id)
+{
+        $GLOBALS['msg'][] = "destroy $id";
+}
+function sess_gc($lifetime)
+{
+}
+    
+session_set_save_handler ( "sess_open" , "sess_close" , "sess_read" , "sess_write" , "sess_destroy" , "sess_gc" );
+session_id(md5("testsession1"));
+session_start();
+$_SESSION['test1'] = "test";
+$_SESSION['test2'] = 12345;
+$_SESSION['test3'] = array();
+$_SESSION['test4'] = new StdClass();
+session_write_close();
+session_start();
+var_dump($_SESSION);
+var_dump($msg);
+?>
+--EXPECTF--
+array(4) {
+  ["test1"]=>
+  string(4) "test"
+  ["test2"]=>
+  int(12345)
+  ["test3"]=>
+  array(0) {
+  }
+  ["test4"]=>
+  object(stdClass)#1 (0) {
+  }
+}
+array(6) {
+  [0]=>
+  string(35) "open SUHOSIN_TEST_CASE -> PHPSESSID"
+  [1]=>
+  string(37) "read 4cdacd154c45b08c35d83f3b514eddab"
+  [2]=>
+  string(%d) "write 4cdacd154c45b08c35d83f3b514eddab - %s"
+  [3]=>
+  string(5) "close"
+  [4]=>
+  string(35) "open SUHOSIN_TEST_CASE -> PHPSESSID"
+  [5]=>
+  string(37) "read 4cdacd154c45b08c35d83f3b514eddab"
+}

diff --git a/session.c b/session.c index 1045a93..e132c4c 100644 --- a/session.c +++ b/session.c
@@ -728,7 +728,12 @@ static int suhosin_hook_s_read(void *mod_data, const char key, char **val, int
728	}*/	728	}*/
729		729
730	/* protect dumb session handlers */	730	/* protect dumb session handlers */
731	if (key == NULL \|\| !key[0] \|\| *mod_data == NULL) {	731	if (key == NULL \|\| !key[0] \|\|
		732	(*mod_data == NULL
		733	#if PHP_VERSION_ID >= 50400
		734	&& !SESSION_G(mod_user_implemented)
		735	#endif
		736	)) {
732	regenerate:	737	regenerate:
733	SDEBUG("regenerating key is %s", key);	738	SDEBUG("regenerating key is %s", key);
734	KEY = SESSION_G(id) = SESSION_G(mod)->s_create_sid(&SESSION_G(mod_data), NULL TSRMLS_CC);	739	KEY = SESSION_G(id) = SESSION_G(mod)->s_create_sid(&SESSION_G(mod_data), NULL TSRMLS_CC);
@@ -777,7 +782,12 @@ static int suhosin_hook_s_write(void *mod_data, const char key, const char *va
777	char v = (char )val;	782	char v = (char )val;
778		783
779	/* protect dumb session handlers */	784	/* protect dumb session handlers */
780	if (key == NULL \|\| !key[0] \|\| val == NULL \|\| strlen(key) > SUHOSIN_G(session_max_id_length) \|\| *mod_data == NULL) {	785	if (key == NULL \|\| !key[0] \|\| val == NULL \|\| strlen(key) > SUHOSIN_G(session_max_id_length) \|\|
		786	(*mod_data == NULL
		787	#if PHP_VERSION_ID >= 50400
		788	&& !SESSION_G(mod_user_implemented)
		789	#endif
		790	)) {
781	r = FAILURE;	791	r = FAILURE;
782	goto return_write;	792	goto return_write;
783	}	793	}
@@ -820,7 +830,12 @@ static int suhosin_hook_s_destroy(void *mod_data, const char key TSRMLS_DC)
820	int r;	830	int r;
821		831
822	/* protect dumb session handlers */	832	/* protect dumb session handlers */
823	if (key == NULL \|\| !key[0] \|\| strlen(key) > SUHOSIN_G(session_max_id_length) \|\| *mod_data == NULL) {	833	if (key == NULL \|\| !key[0] \|\| strlen(key) > SUHOSIN_G(session_max_id_length) \|\|
		834	(*mod_data == NULL
		835	#if PHP_VERSION_ID >= 50400
		836	&& !SESSION_G(mod_user_implemented)
		837	#endif
		838	)) {
824	return FAILURE;	839	return FAILURE;
825	}	840	}
826		841


diff --git a/tests/executor/user_session_handler.phpt b/tests/executor/user_session_handler.phpt new file mode 100644 index 0000000..aa9d67c --- /dev/null +++ b/tests/executor/user_session_handler.phpt
@@ -0,0 +1,87 @@
		1	--TEST--
		2	Testing user session handler functions
		3	--SKIPIF--
		4	<?php include "../skipifnotcli.inc"; ?>
		5	--INI--
		6	suhosin.log.syslog=0
		7	suhosin.log.script=0
		8	suhosin.log.sapi=2
		9	suhosin.session.encrypt=On
		10	session.save_path=SUHOSIN_TEST_CASE
		11	--FILE--
		12	<?php
		13
		14	$GLOBALS['test_array_session'] = array();
		15	$GLOBALS['msg'] = array();
		16
		17	function sess_open($savePath, $sessionName)
		18	{
		19	$GLOBALS['msg'][] = "open $savePath -> $sessionName";
		20	}
		21	function sess_close()
		22	{
		23	$GLOBALS['msg'][] = "close";
		24	}
		25	function sess_read($id)
		26	{
		27	$GLOBALS['msg'][] = "read $id";
		28	return @$GLOBALS['test_array_session'][$id];
		29	}
		30	function sess_write($id, $data)
		31	{
		32	$GLOBALS['msg'][] = "write $id - $data";
		33	$GLOBALS['test_array_session'][$id] = $data;
		34	return true;
		35	}
		36	function sess_destroy($id)
		37	{
		38	$GLOBALS['msg'][] = "destroy $id";
		39	}
		40	function sess_gc($lifetime)
		41	{
		42	}
		43
		44	session_set_save_handler ( "sess_open" , "sess_close" , "sess_read" , "sess_write" , "sess_destroy" , "sess_gc" );
		45	session_id(md5("testsession1"));
		46	session_start();
		47
		48	$_SESSION['test1'] = "test";
		49	$_SESSION['test2'] = 12345;
		50	$_SESSION['test3'] = array();
		51	$_SESSION['test4'] = new StdClass();
		52
		53	session_write_close();
		54
		55	session_start();
		56
		57	var_dump($_SESSION);
		58	var_dump($msg);
		59
		60	?>
		61	--EXPECTF--
		62	array(4) {
		63	["test1"]=>
		64	string(4) "test"
		65	["test2"]=>
		66	int(12345)
		67	["test3"]=>
		68	array(0) {
		69	}
		70	["test4"]=>
		71	object(stdClass)#1 (0) {
		72	}
		73	}
		74	array(6) {
		75	[0]=>
		76	string(35) "open SUHOSIN_TEST_CASE -> PHPSESSID"
		77	[1]=>
		78	string(37) "read 4cdacd154c45b08c35d83f3b514eddab"
		79	[2]=>
		80	string(%d) "write 4cdacd154c45b08c35d83f3b514eddab - %s"
		81	[3]=>
		82	string(5) "close"
		83	[4]=>
		84	string(35) "open SUHOSIN_TEST_CASE -> PHPSESSID"
		85	[5]=>
		86	string(37) "read 4cdacd154c45b08c35d83f3b514eddab"
		87	}