#25307 [Ver]: Crash when session.serialize_handler=wddx & session, post, get vars
ID: 25307 User updated by: cristea at pntcd dot ro Reported By: cristea at pntcd dot ro Status: Verified Bug Type: Session related Operating System: any PHP Version: 4CVS-2003-08-29 (stable) New Comment: I'm using php binary on win32. I cannot use this patch. Could this be included on http://snaps.php.net ? Previous Comments: [2003-08-29 06:18:56] [EMAIL PROTECTED] This patch _seems_ to fix this bug: http://www.php.net/~jani/patches/bug25307.patch (doesn't crash for me anymore) [2003-08-29 06:06:02] cristea at pntcd dot ro In this case is a bug. If the serializer is set to 'php' everything is OK. [2003-08-29 05:40:25] [EMAIL PROTECTED] Happens only when wddx is the serializer and register_globals is 'On'. Backtrace as follows: 0x40567dfa in var_replace (var_hashx=0x0, ozval=0x8244114, nzval=0x8236ef0) at var_unserializer.re:40 40 var_unserializer.re: No such file or directory. (gdb) bt #0 0x40567dfa in var_replace (var_hashx=0x0, ozval=0x8244114, nzval=0x8236ef0) at var_unserializer.re:40 #1 0x404e727b in php_set_session_var (name=0x824429c "a", namelen=1, state_val=0x8244114, var_hash=0x0) at /usr/src/web/php/php4_3/ext/session/session.c:307 #2 0x405720e2 in ps_srlzr_decode_wddx ( val=0x824724c "test", vallen=119) at /usr/src/web/php/php4_3/ext/wddx/wddx.c:292 #3 0x404e7e5c in php_session_decode ( val=0x824724c "test", vallen=119) at /usr/src/web/php/php4_3/ext/session/session.c:523 #4 0x404e8254 in php_session_initialize () at /usr/src/web/php/php4_3/ext/session/session.c:608 #5 0x404e9764 in php_session_start () at /usr/src/web/php/php4_3/ext/session/session.c:1036 #6 0x404eb41b in zif_session_start (ht=0, return_value=0x8246ff4, this_ptr=0x0, return_value_used=0) at /usr/src/web/php/php4_3/ext/session/session.c:1475 [2003-08-29 04:35:26] cristea at pntcd dot ro Description: Apache will crash session.serialize_handler is set to wddx and when a $_SESSION var have the same name as a $_POST (or $_GET) var. Try this code: File w1.php --- EOS; ?> File w2.php --- "; print_r($_POST); ?> -- Edit this bug report at http://bugs.php.net/?id=25307&edit=1
#25307 [Ver]: Crash when session.serialize_handler=wddx & session, post, get vars
ID: 25307 Updated by: [EMAIL PROTECTED] Reported By: cristea at pntcd dot ro Status: Verified Bug Type: Session related Operating System: any PHP Version: 4CVS-2003-08-29 (stable) New Comment: This patch _seems_ to fix this bug: http://www.php.net/~jani/patches/bug25307.patch (doesn't crash for me anymore) Previous Comments: [2003-08-29 06:06:02] cristea at pntcd dot ro In this case is a bug. If the serializer is set to 'php' everything is OK. [2003-08-29 05:40:25] [EMAIL PROTECTED] Happens only when wddx is the serializer and register_globals is 'On'. Backtrace as follows: 0x40567dfa in var_replace (var_hashx=0x0, ozval=0x8244114, nzval=0x8236ef0) at var_unserializer.re:40 40 var_unserializer.re: No such file or directory. (gdb) bt #0 0x40567dfa in var_replace (var_hashx=0x0, ozval=0x8244114, nzval=0x8236ef0) at var_unserializer.re:40 #1 0x404e727b in php_set_session_var (name=0x824429c "a", namelen=1, state_val=0x8244114, var_hash=0x0) at /usr/src/web/php/php4_3/ext/session/session.c:307 #2 0x405720e2 in ps_srlzr_decode_wddx ( val=0x824724c "test", vallen=119) at /usr/src/web/php/php4_3/ext/wddx/wddx.c:292 #3 0x404e7e5c in php_session_decode ( val=0x824724c "test", vallen=119) at /usr/src/web/php/php4_3/ext/session/session.c:523 #4 0x404e8254 in php_session_initialize () at /usr/src/web/php/php4_3/ext/session/session.c:608 #5 0x404e9764 in php_session_start () at /usr/src/web/php/php4_3/ext/session/session.c:1036 #6 0x404eb41b in zif_session_start (ht=0, return_value=0x8246ff4, this_ptr=0x0, return_value_used=0) at /usr/src/web/php/php4_3/ext/session/session.c:1475 [2003-08-29 04:35:26] cristea at pntcd dot ro Description: Apache will crash session.serialize_handler is set to wddx and when a $_SESSION var have the same name as a $_POST (or $_GET) var. Try this code: File w1.php --- EOS; ?> File w2.php --- "; print_r($_POST); ?> -- Edit this bug report at http://bugs.php.net/?id=25307&edit=1
#25307 [Ver]: Crash when session.serialize_handler=wddx & session, post, get vars
ID: 25307 User updated by: cristea at pntcd dot ro Reported By: cristea at pntcd dot ro Status: Verified Bug Type: Session related Operating System: any PHP Version: 4CVS-2003-08-29 (stable) New Comment: In this case is a bug. If the serializer is set to 'php' everything is OK. Previous Comments: [2003-08-29 05:40:25] [EMAIL PROTECTED] Happens only when wddx is the serializer and register_globals is 'On'. Backtrace as follows: 0x40567dfa in var_replace (var_hashx=0x0, ozval=0x8244114, nzval=0x8236ef0) at var_unserializer.re:40 40 var_unserializer.re: No such file or directory. (gdb) bt #0 0x40567dfa in var_replace (var_hashx=0x0, ozval=0x8244114, nzval=0x8236ef0) at var_unserializer.re:40 #1 0x404e727b in php_set_session_var (name=0x824429c "a", namelen=1, state_val=0x8244114, var_hash=0x0) at /usr/src/web/php/php4_3/ext/session/session.c:307 #2 0x405720e2 in ps_srlzr_decode_wddx ( val=0x824724c "test", vallen=119) at /usr/src/web/php/php4_3/ext/wddx/wddx.c:292 #3 0x404e7e5c in php_session_decode ( val=0x824724c "test", vallen=119) at /usr/src/web/php/php4_3/ext/session/session.c:523 #4 0x404e8254 in php_session_initialize () at /usr/src/web/php/php4_3/ext/session/session.c:608 #5 0x404e9764 in php_session_start () at /usr/src/web/php/php4_3/ext/session/session.c:1036 #6 0x404eb41b in zif_session_start (ht=0, return_value=0x8246ff4, this_ptr=0x0, return_value_used=0) at /usr/src/web/php/php4_3/ext/session/session.c:1475 [2003-08-29 04:35:26] cristea at pntcd dot ro Description: Apache will crash session.serialize_handler is set to wddx and when a $_SESSION var have the same name as a $_POST (or $_GET) var. Try this code: File w1.php --- EOS; ?> File w2.php --- "; print_r($_POST); ?> -- Edit this bug report at http://bugs.php.net/?id=25307&edit=1