From 5f3e233ea710d77ec8d28caa2e77fc3cb3728b4a Mon Sep 17 00:00:00 2001
From: Ilia Alshanetsky <iliaa@php.net>
Date: Fri, 1 Dec 2006 00:27:20 +0000
Subject: [PATCH] Disallow \0 chars inside session.save_path

---
 ext/session/session.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ext/session/session.c b/ext/session/session.c
index b6754d5df69..46a35a7a9e6 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -153,6 +153,10 @@ static PHP_INI_MH(OnUpdateSaveDir)
 	if (stage == PHP_INI_STAGE_RUNTIME) {
 		char *p;
 
+		if (memchr(new_value, '\0', new_value_length) != NULL) {
+			return FAILURE;
+		}
+
 		if ((p = zend_memrchr(new_value, ';', new_value_length))) {
 			p++;
 		} else {