3 files changed +78 -13 lines changed
lines changed Original file line number Diff line number Diff line change @@ -243,18 +243,11 @@ static zend_string *php_session_encode(void) /* {{{ */
243
243
244
244
static int php_session_decode (zend_string * data ) /* {{{ */
245
245
{
246
- int res ;
247
246
if (!PS (serializer )) {
248
247
php_error_docref (NULL , E_WARNING , "Unknown session.serialize_handler. Failed to decode session object" );
249
248
return FAILURE ;
250
249
}
251
- /* Make sure that any uses of unserialize() during session decoding do not share
252
- * state with any unserialize() that is already in progress (e.g. because we are
253
- * currently inside Serializable::unserialize(). */
254
- BG (serialize_lock )++ ;
255
- res = PS (serializer )-> decode (ZSTR_VAL (data ), ZSTR_LEN (data ));
256
- BG (serialize_lock )-- ;
257
- if (res == FAILURE ) {
250
+ if (PS (serializer )-> decode (ZSTR_VAL (data ), ZSTR_LEN (data )) == FAILURE ) {
258
251
php_session_destroy ();
259
252
php_session_track_init ();
260
253
php_error_docref (NULL , E_WARNING , "Failed to decode session object. Session has been destroyed" );
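Review bot: Dropping the `BG(serialize_lock)` increment/decrement around `PS(serializer)->decode()` also drops the isolation the deleted comment described, and the new call carries no comment saying why shared unserialize state is now wanted. The test added in this commit shows the motivating case (an `r:3;` back-reference in the `obj2` entry pointing into `obj1`), but the same change appears to let a `session_decode()` reached from inside `Serializable::unserialize()` resolve references against the enclosing call's state, which is the situation the lock was written for. It is worth confirming that this path cannot leave session data holding a value the outer call later releases, or narrowing the change so entries of one session string share state without inheriting the caller's. At minimum add a comment above the call, e.g. `/* No serialize_lock: session entries share unserialize state so cross-entry back-references resolve (bug #79031). */`; the function body continues past the end of the hunk.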
1
+ --TEST--
2
+ Bug #79031: Session unserialization problem
3
+ --FILE--
4
+ <?php
5
+
6
+ class SerializableClass implements Serializable {
7
+ public $ sharedProp ;
8
+ public function __construct ($ prop )
9
+ {
10
+ $ this ->sharedProp = $ prop ;
11
+ }
12
+ public function __set ($ key , $ value )
13
+ {
14
+ $ this ->$ key = $ value ;
15
+ }
16
+ public function serialize ()
17
+ {
18
+ return serialize (get_object_vars ($ this ));
19
+ }
20
+ public function unserialize ($ data )
21
+ {
22
+ $ ar = unserialize ($ data );
23
+ if ($ ar === false ) {
24
+ return ;
25
+ }
26
+ foreach ($ ar as $ k => $ v ) {
27
+ $ this ->__set ($ k , $ v );
28
+ }
29
+ }
30
+ }
31
+
32
+ // Shared object that acts as property of two another objects stored in session
33
+ $ testPropertyObj = new stdClass ();
34
+ $ testPropertyObj ->name = 'test ' ;
35
+
36
+ // Two instances of \SerializableClass that shares property
37
+ $ sessionObject = [
38
+ 'obj1 ' => new SerializableClass ($ testPropertyObj ),
39
+ 'obj2 ' => new SerializableClass ($ testPropertyObj ),
40
+ ];
41
+ session_start ();
42
+ $ _SESSION = $ sessionObject ;
43
+
44
+ $ sessionString = session_encode ();
45
+ session_decode ($ sessionString );
46
+ echo $ sessionString ;
47
+ echo "\n\n" ;
48
+ var_dump ($ _SESSION );
49
+
50
+ ?>
51
+ --EXPECT--
52
+ obj1|C:17:"SerializableClass":65:{a:1:{s:10:"sharedProp";O:8:"stdClass":1:{s:4:"name";s:4:"test";}}}obj2|C:17:"SerializableClass":28:{a:1:{s:10:"sharedProp";r:3;}}
53
+
54
+ array(2) {
55
+ ["obj1"]=>
56
+ object(SerializableClass)#4 (1) {
57
+ ["sharedProp"]=>
58
+ object(stdClass)#5 (1) {
59
+ ["name"]=>
60
+ string(4) "test"
61
+ }
62
+ }
63
+ ["obj2"]=>
64
+ object(SerializableClass)#6 (1) {
65
+ ["sharedProp"]=>
66
+ object(stdClass)#5 (1) {
67
+ ["name"]=>
68
+ string(4) "test"
69
+ }
70
+ }
71
+ }
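Review bot: The `--EXPECT--` block pins the handle numbers `#4`, `#5` and `#6`, so the test fails if anything unrelated shifts object allocation order, yet those numbers are also the only thing asserting that both entries decode to the same `stdClass`. Asserting the identity directly, e.g. `var_dump($_SESSION['obj1']->sharedProp === $_SESSION['obj2']->sharedProp);`, would let the dump move to `--EXPECTF--` with `#%d`, as the other test touched by this commit does. The file also has no `--SKIPIF--` section for builds without the session extension.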
@@ -18,7 +18,6 @@ class obj implements Serializable {
18
18
}
19
19
function unserialize ($ data ) {
20
20
session_decode ($ data );
21
- return null ;
22
21
}
23
22
}
24
23
@@ -34,18 +33,20 @@ for ($i = 0; $i < 5; $i++) {
34
33
var_dump ($ data );
35
34
var_dump ($ _SESSION );
36
35
?>
37
- --EXPECT --
36
+ --EXPECTF --
38
37
array(2) {
39
38
[0]=>
40
- object(obj)#1 (1) {
39
+ object(obj)#%d (1) {
41
40
["data"]=>
42
41
NULL
43
42
}
44
43
[1]=>
45
- object(obj)#2 (1) {
44
+ object(obj)#%d (1) {
46
45
["data"]=>
47
46
NULL
48
47
}
49
48
}
50
- array(0) {
49
+ object(obj)#1 (1) {
50
+ ["data"]=>
51
+ NULL
51
52
}
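Review bot: The final expectation changes the `var_dump($_SESSION)` output from `array(0) {` to `object(obj)#1 (1) {`, so the test now accepts `$_SESSION` ending up as an `obj` instance after `session_decode()` is called from `unserialize()`, and nothing in the test says whether that is intended. From the visible lines this looks like a value from the enclosing unserialize call surfacing as session data; if that is a known consequence of removing the lock, a comment above the dump should say so, otherwise the old `array(0)` result deserves a second look. The two earlier handles are relaxed to `#%d` while this one stays pinned at `#1`, which should be made consistent. Lines 1–17 and 24–32 of the test are outside the hunks, so the setup is not visible here.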