From 31d70da1ff61480f51b8ca747bc8c8d8a37c5061 Mon Sep 17 00:00:00 2001
From: Christian Göttsche
Date: Sun, 22 Feb 2026 22:11:05 +0100
Subject: Log session ID lengths on failure

---
 src/sp_session.c             | 6 +++---
 src/tests/sid_too_long.phpt  | 4 ++--
 src/tests/sid_too_short.phpt | 4 ++--
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/sp_session.c b/src/sp_session.c
index 228e581..568271b 100644
--- a/src/sp_session.c
+++ b/src/sp_session.c
@@ -22,15 +22,15 @@ static int (*old_s_write)(PS_WRITE_ARGS);
 static int (*previous_sessionRINIT)(INIT_FUNC_ARGS) = NULL;
 static ZEND_INI_MH((*old_OnUpdateSaveHandler)) = NULL;
 
-static void check_sid_length(zend_string *sid) {
+static void check_sid_length(const zend_string *sid) {
   const sp_config_session *cfg = &(SPCFG(session));
 
   if (sid) {
     if (cfg->sid_min_length && ZSTR_LEN(sid) < cfg->sid_min_length) {
-      sp_log_auto("session", cfg->simulation, "Session ID is too short");
+      sp_log_auto("session", cfg->simulation, "Session ID is too short (sid=%zu min=%zu)", ZSTR_LEN(sid), (size_t)cfg->sid_min_length);
     }
     if (cfg->sid_max_length && ZSTR_LEN(sid) > cfg->sid_max_length) {
-      sp_log_auto("session", cfg->simulation, "Session ID is too long");
+      sp_log_auto("session", cfg->simulation, "Session ID is too long (sid=%zu max=%zu)", ZSTR_LEN(sid), (size_t)cfg->sid_max_length);
     }
   }
 }
diff --git a/src/tests/sid_too_long.phpt b/src/tests/sid_too_long.phpt
index 85f7fc2..5dd5a9f 100644
--- a/src/tests/sid_too_long.phpt
+++ b/src/tests/sid_too_long.phpt
@@ -14,6 +14,6 @@ session_start();
 echo strlen(session_id());
 ?>
 --EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too long in %a.php on line %d
+Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too long (sid=33 max=32) in %a.php on line %d
 
-Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too long in Unknown on line 0
\ No newline at end of file
+Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too long (sid=33 max=32) in Unknown on line 0
diff --git a/src/tests/sid_too_short.phpt b/src/tests/sid_too_short.phpt
index 3ebbc58..d4e02ba 100644
--- a/src/tests/sid_too_short.phpt
+++ b/src/tests/sid_too_short.phpt
@@ -14,6 +14,6 @@ session_start();
 echo strlen(session_id());
 ?>
 --EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too short in %a.php on line %d
+Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too short (sid=3 min=10) in %a.php on line %d
 
-Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too short in Unknown on line 0
\ No newline at end of file
+Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too short (sid=3 min=10) in Unknown on line 0
-- 
cgit v1.3