sas Mon Jul 21 21:10:31 2003 EDT
Modified files: (Branch: PHP_4_3)
/php-src/ext/session session.c
Log:
Proper fix for #24592
The core issue is that undefined variables are refcounted (refcount != 0)
while is_ref is still set to 0. I don't know whether this is a bug in
the engine, but is it not the first time this irregularity has caused
problems for the session extension.
The irregularity confused ZEND_SET_SYMBOL_WITH_LENGTH which then did
the wrong thing WRT null values.
Fortunately, nulls can simply be ignored in this case, thus the old
code is restored and a new condition is added.
Index: php-src/ext/session/session.c
diff -u php-src/ext/session/session.c:1.336.2.19
php-src/ext/session/session.c:1.336.2.20
--- php-src/ext/session/session.c:1.336.2.19 Mon Jul 21 17:49:52 2003
+++ php-src/ext/session/session.c Mon Jul 21 21:10:30 2003
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: session.c,v 1.336.2.19 2003/07/21 21:49:52 iliaa Exp $ */
+/* $Id: session.c,v 1.336.2.20 2003/07/22 01:10:30 sas Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -628,19 +628,18 @@
uint str_len;
ulong num_key;
int n;
- zval **val = NULL;
+ zval **val;
int ret = 0;
n = zend_hash_get_current_key_ex(ht, &str, &str_len, &num_key, 0, pos);
switch (n) {
case HASH_KEY_IS_STRING:
- if (zend_hash_find(&EG(symbol_table), str, str_len, (void **)
&val) == SUCCESS && val) {
- if (!PZVAL_IS_REF(*val)) {
- (*val)->is_ref = 1;
- (*val)->refcount += 1;
- zend_hash_update(ht, str, str_len, val,
sizeof(zval *), NULL);
- }
+ if (zend_hash_find(&EG(symbol_table), str, str_len,
+ (void **) &val) == SUCCESS
+ && val && Z_TYPE_PP(val) != IS_NULL) {
+ ZEND_SET_SYMBOL_WITH_LENGTH(ht, str, str_len, *val,
+ (*val)->refcount + 1 , 1);
ret = 1;
}
break;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
