From: [EMAIL PROTECTED]
Operating system: Windows NT, OS/2
PHP version: 4.1.2
PHP Bug Type: Session related
Bug description: user can crash apache child entering incorrect session name
To reproduce bug do this test:
1) Turn off cookies at browser.
2) run file:
<?
session_name ("SESSID");
session_set_cookie_params (3600);
session_register("test"); //registring tracks variable.
if (!isset($test)) $test=1;
$test=$test++;
echo '<a href="'.$PHP_SELF.'?SESSID='.session_id().'">test</a>';
echo '<br><a href="'.$PHP_SELF.'?SESSID=c:\123">test2</a>';
?>
3) Click on a "test2" link
4) Apache child will crash and php will write message like
Warning: Failed to write session data (files). Please verify that the
current setting of session.save_path is correct (/tmp) in Unknown on line
0
Testes on OS/2 (PHP 4.1.2) and win32 (PHP 4.1.1). PHP is installed as
Apache module.
--
Edit bug report at http://bugs.php.net/?id=16361&edit=1
--
Fixed in CVS: http://bugs.php.net/fix.php?id=16361&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=16361&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=16361&r=needtrace
Try newer version: http://bugs.php.net/fix.php?id=16361&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=16361&r=support
Expected behavior: http://bugs.php.net/fix.php?id=16361&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=16361&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=16361&r=submittedtwice
