From c0927642fd01c6431a17bd1652e5cd269e5946b8 Mon Sep 17 00:00:00 2001
From: Stefan Esser
Date: Mon, 9 Jun 2014 16:10:42 +0200
Subject: Improve SessionHandler() recursion protection
---
 Changelog | 1 +
 session.c | 13 +++++++++++++
 2 files changed, 14 insertions(+)
diff --git a/Changelog b/Changelog
index c212737..1218c8a 100644
--- a/Changelog
+++ b/Changelog
@@ -9,6 +9,7 @@
 - Added suhosin.rand.seedingkey for INI supplied additional entropy string (idea DavisNT)
 - Added suhosin.rand.reseed_every_request to allow reseeding on every request (idea DavisNT)
 - Changed that calls to srand() / mt_srand() will trigger auto reseeding (idea DavisNT)
+ - Fixed problems with SessionHandler() class and endless recursions
 - Added LICENSE file to make distributions happy
 2014-02-24 - 0.9.35
diff --git a/session.c b/session.c
index 306da60..924469b 100644
--- a/session.c
+++ b/session.c
@@ -487,6 +487,8 @@ static php_ps_globals_43_44 *session_globals = NULL;
 #define SESSION_G(v) (session_globals->v)
 #endif
+static ps_module *ps_mod_user = NULL;
+
 ps_serializer *(*suhosin_find_ps_serializer)(char *name TSRMLS_DC) = NULL;
 #define PS_ENCODE_VARS \
@@ -1018,6 +1020,10 @@ static PHP_INI_MH(suhosin_OnUpdateSaveHandler)
 int r;
 char *tmp;
+ if ((ps_mod_user) && (SUHOSIN_G(s_original_mod) == ps_mod_user) && (strcmp(new_value, "user") == NULL)) {
+ return SUCCESS;
+ }
+
 SESSION_G(mod) = SUHOSIN_G(s_original_mod);
 r = old_OnUpdateSaveHandler(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC);
@@ -1089,6 +1095,13 @@ void suhosin_hook_session(TSRMLS_D)
 }
 #endif
 #endif
+ if (ps_mod_user == NULL) {
+ ps_mod_user = DL_FETCH_SYMBOL(module->handle, "ps_mod_user");
+ if (ps_mod_user == NULL) {
+ ps_mod_user = DL_FETCH_SYMBOL(module->handle, "_ps_mod_user");
+ }
+ }
+
 if (old_OnUpdateSaveHandler != NULL) {
 return;
 }
--
cgit v1.3
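Review bot: In the `@@ -1018,6 +1020,10 @@` hunk of session.c, the new guard compares the `int` result of `strcmp()` with `NULL`, which relies on `NULL` being usable as integer zero and draws a pointer/integer comparison warning where `NULL` is `((void *)0)`; write `strcmp(new_value, "user") == 0` instead. The comparison is case-sensitive, so if PHP resolves save-handler names case-insensitively (I believe it does, but please confirm), a differently cased spelling of `user` would not hit the guard and would fall through to the path this commit is meant to protect. The early `return SUCCESS` also skips `old_OnUpdateSaveHandler` and everything after it; the function body continues outside the hunk, so it is worth confirming that nothing later in the handler is still required when the user module is active.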
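Review bot: In the `@@ -1089,6 +1095,13 @@` hunk of session.c, `ps_mod_user` stays NULL when neither `ps_mod_user` nor `_ps_mod_user` resolves, and the `(ps_mod_user) &&` test in `suhosin_OnUpdateSaveHandler` then disables the new recursion guard without any trace. A protection that fails open silently is hard to diagnose, so I would at least document it at the lookup, for example `/* may stay NULL if the session module does not export ps_mod_user; the save-handler guard is then inactive */`, and consider emitting a one-time diagnostic. `module->handle` is passed to `DL_FETCH_SYMBOL` unchecked in these lines; whether it is validated earlier in `suhosin_hook_session` cannot be seen from the hunk, since the function starts and ends outside it.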