bug79091.phpt - OpenGrok history log for /PHP-7.4/ext/session/tests/bug79091.phpt

Revision	Date	Author	Comments
# b510250b	26-Mar-2020	Christoph M. Becker	Fix #79413: session_create_id() fails for active sessions The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the function is supposed to return `SUCCESS` if the session alre Fix #79413: session_create_id() fails for active sessions The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the function is supposed to return `SUCCESS` if the session already exists. So to detect a collision, we have to check for `SUCCESS`, not `FAILURE`. We also fix the wrong condition in session_regenerate_id() as well. show more ...
# f79c7742	20-Jan-2020	Christoph M. Becker	Fix #79091: heap use-after-free in session_create_id() If the `new_id` is released, we must not use it again.

Revision

Date

Author

Comments

# b510250b

26-Mar-2020

Christoph M. Becker

Fix #79413: session_create_id() fails for active sessions

The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the
function is supposed to return `SUCCESS` if the session alre

Fix #79413: session_create_id() fails for active sessions

The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the
function is supposed to return `SUCCESS` if the session already exists.
So to detect a collision, we have to check for `SUCCESS`, not
`FAILURE`.

We also fix the wrong condition in session_regenerate_id() as well.

# f79c7742

20-Jan-2020

Christoph M. Becker

Fix #79091: heap use-after-free in session_create_id()

If the `new_id` is released, we must not use it again.