[proxy] bugs.php.net← back | site home | direct (HTTPS) ↗ | proxy home | ◑ dark◐ light
Bug #30282 Setting session.serialize_handler to none in apache config segfaults PHP
Submitted: 2004-09-29 23:29 UTC Modified: 2004-09-30 18:50 UTC
From: daniele at orlandi dot com Assigned:
Status: Closed Package: Session related
PHP Version: 4.3.9 OS: SuSE Linux 9.1
Private report: No CVE-ID: None
View Developer Edit
 [2004-09-29 23:29 UTC] daniele at orlandi dot com 
Description:
------------
This is an almost cosmetic issue. I incorrectly put "none" in apache's configuration file for session.serialize_handler. Starting the session, PHP segfaults; it may be a missing NULL check.

php_value session.serialize_handler none

[pid 31996] open("/tmp/sess_de475dfe390c0d01f35536633634db4a", O_RDWR|O_CREAT, 0600) = 28
[pid 31996] flock(28, LOCK_EX)          = 0
[pid 31996] fcntl64(28, F_SETFD, FD_CLOEXEC) = 0
[pid 31996] fstat64(28, {st_mode=S_IFREG|0600, st_size=0, ...}) = 0
[pid 31996] pread(28, "", 0, 0)
[pid 31996] --- SIGSEGV (Segmentation fault) @ 0 (0) ---

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-09-30 10:07 UTC] tony2001@php.net 
Derick, that's the bug I was talking about a month ago.
Here's the patch for it: http://tony2001.phpclub.net/dev/tmp/session.diff
It fixes the problem, but I don't like it - I'd prefer "fixing" session extension instead, but it seems that Sascha doesn't read emails anymore.
 [2004-09-30 17:52 UTC] tony2001@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.