php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-29 19:23:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

Strict session. Detect session id collision

Browse Source
This commit is contained in:
Yasuo Ohgaki
2013-06-25 20:09:10 +09:00
committed by Stanislav Malyshev
parent 25e8fcc88f
commit 82b0e8be99
2 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ext/session/mod_files.c
+14 -1
View File
@@ -459,9 +459,22 @@ PS_GC_FUNC(files)
PS_CREATE_SID_FUNC(files)
{
char *sid;
int maxfail = 3;
PS_FILES_DATA;
sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
do {
sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
/* Check collision */
if (ps_files_key_exists(data, sid TSRMLS_CC) == SUCCESS) {
if (sid) {
efree(sid);
sid = NULL;
}
if (!(maxfail--)) {
return NULL;
}
}
} while(!sid);
return sid;
}
ext/session/mod_mm.c
+14 -1
View File
@@ -479,9 +479,22 @@ PS_GC_FUNC(mm)
PS_CREATE_SID_FUNC(mm)
{
char *sid;
int maxfail = 3;
PS_MM_DATA;
sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
do {
sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
/* Check collision */
if (ps_mm_key_exists(data, sid TSRMLS_CC) == SUCCESS) {
if (sid) {
efree(sid);
sid = NULL;
}
if (!(maxfail--)) {
return NULL;
}
}
} while(!sid);
return sid;
}