sesser Sat Jun 16 07:48:23 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/session session.c Log: MFH http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.336.2.53.2.19&r2=1.336.2.53.2.20&diff_format=u
Index: php-src/ext/session/session.c
diff -u php-src/ext/session/session.c:1.336.2.53.2.19 php-src/ext/session/session.c:1.336.2.53.2.20
--- php-src/ext/session/session.c:1.336.2.53.2.19 Fri Jun 15 22:45:25 2007
+++ php-src/ext/session/session.c Sat Jun 16 07:48:23 2007
@@ -17,7 +17,7 @@
 +----------------------------------------------------------------------+
 */
-/* $Id: session.c,v 1.336.2.53.2.19 2007/06/15 22:45:25 stas Exp $ */
+/* $Id: session.c,v 1.336.2.53.2.20 2007/06/16 07:48:23 sesser Exp $ */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -666,7 +666,7 @@
 int vallen;
 /* check session name for invalid characters */
- if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\()@,;:[]?={}&%")) {
+ if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\")) {
 efree(PS(id));
 PS(id) = NULL;
 }
@@ -918,6 +918,7 @@
 {
 smart_str ncookie = {0};
 char *date_fmt = NULL;
+ char *e_session_name, *e_id;
 if (SG(headers_sent)) {
 char *output_start_filename = php_get_output_start_filename(TSRMLS_C);
@@ -931,11 +932,18 @@
 }
 return;
 }
+
+ /* URL encode session_name and id because they might be user supplied */
+ e_session_name = php_url_encode(PS(session_name), strlen(PS(session_name)), NULL);
+ e_id = php_url_encode(PS(id), strlen(PS(id)), NULL);
 smart_str_appends(&ncookie, COOKIE_SET_COOKIE);
- smart_str_appends(&ncookie, PS(session_name));
+ smart_str_appends(&ncookie, e_session_name);
 smart_str_appendc(&ncookie, '=');
- smart_str_appends(&ncookie, PS(id));
+ smart_str_appends(&ncookie, e_id);
+
+ efree(e_session_name);
+ efree(e_id);
 if (PS(cookie_lifetime) > 0) {
 struct timeval tv;
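Review bot: The comment above the strpbrk() call in the @@ -666 hunk says the session name is being checked, but the operand is PS(id), and with the reject list cut down from `"\r\n\t <>'\"\\()@,;:[]?={}&%"` to `"\r\n\t <>'\"\\"` the comment should also say why the remaining characters are still refused. Inside this diff the only thing that makes `()@,;:[]?={}&%` acceptable in an id is the URL encoding added to the Set-Cookie path in the @@ -931 hunk; other consumers of PS(id), such as a save handler's storage key or URL rewriting, are outside this diff and presumably still need their own validation. I would replace the comment with `/* ids containing these characters are discarded outright; everything else is %-encoded before it reaches the Set-Cookie header (see the cookie-sending path) */`. The enclosing function starts and ends outside this hunk.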
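Review bot: In the @@ -931 hunk the new comment `/* URL encode session_name and id because they might be user supplied */` names the source but not the property the encoding provides: CR, LF, `;`, `=` and similar characters can no longer end the cookie value or smuggle extra attributes or headers into the response, which is what makes the narrower strpbrk() list in the @@ -666 hunk tolerable, and the comment should say so. Two preconditions are left implicit: strlen() now runs on PS(session_name) and PS(id) with no NULL check (the replaced smart_str_appends() calls had the same requirement, so this is not a regression, but `/* PS(session_name) and PS(id) are non-NULL here -- caller guarantees it, confirm */` would document it), and passing NULL as php_url_encode()'s last argument relies on that function tolerating a NULL length out-parameter, which this diff does not show. Because the id is now emitted %-encoded, an id containing `%` (accepted after this change) only round-trips if the request-side cookie parser decodes it before it reaches PS(id); that path is outside this diff and should be confirmed. The enclosing function starts and ends outside this hunk.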