From 048d86b9a6198ebcd5cf23a9e6aa2c9e6e44a80b Mon Sep 17 00:00:00 2001
From: Jorg Sowa <jorg.sowa@gmail.com>
Date: Sun, 11 Aug 2024 03:04:44 +0200
Subject: [PATCH 1/6] Added eclusive error message for prefix in
session_create_id() larger than 256
---
ext/session/session.c | 3 ++-
.../tests/session_create_id_invalid_prefix.phpt | 17 ++++++++++-------
2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/ext/session/session.c b/ext/session/session.c
index aa9883ab1df33..5f587212995c5 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -368,6 +368,7 @@ PHPAPI zend_result php_session_valid_key(const char *key) /* {{{ */
|| (c >= '0' && c <= '9')
|| c == ','
|| c == '-')) {
+ php_error_docref(NULL, E_WARNING, "Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, \"-\", and \",\" characters are allowed");
return FAILURE;
}
}
@@ -377,6 +378,7 @@ PHPAPI zend_result php_session_valid_key(const char *key) /* {{{ */
/* Somewhat arbitrary length limit here, but should be way more than
anyone needs and avoids file-level warnings later on if we exceed MAX_PATH */
if (len == 0 || len > PS_MAX_SID_LENGTH) {
+ php_error_docref(NULL, E_WARNING, "Prefix cannot be larger than 256 characters");
return FAILURE;
}
@@ -2385,7 +2387,6 @@ PHP_FUNCTION(session_create_id)
if (prefix && ZSTR_LEN(prefix)) {
if (php_session_valid_key(ZSTR_VAL(prefix)) == FAILURE) {
/* E_ERROR raised for security reason. */
- php_error_docref(NULL, E_WARNING, "Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, \"-\", and \",\" characters are allowed");
RETURN_FALSE;
} else {
smart_str_append(&id, prefix);
diff --git a/ext/session/tests/session_create_id_invalid_prefix.phpt b/ext/session/tests/session_create_id_invalid_prefix.phpt
index 0a4e2c2d40013..785c23049e5ab 100644
--- a/ext/session/tests/session_create_id_invalid_prefix.phpt
+++ b/ext/session/tests/session_create_id_invalid_prefix.phpt
@@ -12,8 +12,12 @@ session
var_dump(session_create_id('_'));
var_dump(session_create_id('%'));
-var_dump(session_create_id("AB\0CD"));
-
+var_dump(session_create_id('ABTgdPs68S3M4HMaqKwj33TzqLMv5PHpWQxJbfpeogEhrJRY7o9f33pKLCmhf0tXCtoBkIu0yxXYCSHfJhPd2miPUW4MIpd91dnEiOwWDfaBnfdJZOwgvgmYLSfDGaebqmnCAoyuzlcq2j59nNRhccgJIkr9ytY3RwFTTXszpcjpx6mlJuG9GksKAhPsnnaEwSEb0eFyqvn80gYI2roKSjaFSmJxg0xgXuCF4csMo8DxiSvovho5QTKx5u7h8VyQL'));
+try {
+ var_dump(session_create_id("AB\0CD"));
+} catch (Throwable $e) {
+ echo $e->getMessage() . "\n";
+}
?>
Done
@@ -24,8 +28,7 @@ bool(false)
Warning: session_create_id(): Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
bool(false)
-Fatal error: Uncaught ValueError: session_create_id(): Argument #1 ($prefix) must not contain any null bytes in %s:%d
-Stack trace:
-#0 %s(5): session_create_id('AB\x00CD')
-#1 {main}
- thrown in %s
+Warning: session_create_id(): Prefix cannot be larger than 256 characters in %s on line %d
+bool(false)
+session_create_id(): Argument #1 ($prefix) must not contain any null bytes
+Done
From 105cd0ab461fd9dd6d4a3ab7dc89950dbf644e44 Mon Sep 17 00:00:00 2001
From: Jorg Sowa <jorg.sowa@gmail.com>
Date: Sun, 11 Aug 2024 03:32:06 +0200
Subject: [PATCH 2/6] Adjusted error in mod_files
---
ext/session/mod_files.c | 1 -
ext/session/tests/rfc1867_sid_invalid.phpt | 4 ++--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index 74e77973405b2..83c463823b74f 100644
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -166,7 +166,6 @@ static void ps_files_open(ps_files *data, /* const */ zend_string *key)
ps_files_close(data);
if (php_session_valid_key(ZSTR_VAL(key)) == FAILURE) {
- php_error_docref(NULL, E_WARNING, "Session ID is too long or contains illegal characters. Only the A-Z, a-z, 0-9, \"-\", and \",\" characters are allowed");
return;
}
diff --git a/ext/session/tests/rfc1867_sid_invalid.phpt b/ext/session/tests/rfc1867_sid_invalid.phpt
index fe01b5a8ba2aa..98594ba9073b0 100644
--- a/ext/session/tests/rfc1867_sid_invalid.phpt
+++ b/ext/session/tests/rfc1867_sid_invalid.phpt
@@ -52,13 +52,13 @@ session_destroy();
@unlink(__DIR__ . DIRECTORY_SEPARATOR . "rfc1867_sid_invalid.post.txt");
?>
--EXPECTF--
-Warning: PHP Request Startup: Session ID is too long or contains illegal characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
+Warning: PHP Request Startup: Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
Warning: PHP Request Startup: Failed to read session data: files (path: ) in Unknown on line 0
Warning: PHP Request Startup: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0
-Warning: PHP Request Startup: Session ID is too long or contains illegal characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
+Warning: PHP Request Startup: Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
Warning: PHP Request Startup: Failed to read session data: files (path: ) in Unknown on line 0
From c104f04e1201d0a051d75842d6ceeb543be0cd7d Mon Sep 17 00:00:00 2001
From: Jorg Sowa <jorg.sowa@gmail.com>
Date: Sun, 11 Aug 2024 03:41:22 +0200
Subject: [PATCH 3/6] Adjusted error names for prefix or name
---
ext/session/session.c | 4 ++--
ext/session/tests/rfc1867_sid_invalid.phpt | 4 ++--
ext/session/tests/session_create_id_invalid_prefix.phpt | 6 +++---
3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/ext/session/session.c b/ext/session/session.c
index 5f587212995c5..388c4b6c10e24 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -368,7 +368,7 @@ PHPAPI zend_result php_session_valid_key(const char *key) /* {{{ */
|| (c >= '0' && c <= '9')
|| c == ','
|| c == '-')) {
- php_error_docref(NULL, E_WARNING, "Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, \"-\", and \",\" characters are allowed");
+ php_error_docref(NULL, E_WARNING, "Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, \"-\", and \",\" characters are allowed");
return FAILURE;
}
}
@@ -378,7 +378,7 @@ PHPAPI zend_result php_session_valid_key(const char *key) /* {{{ */
/* Somewhat arbitrary length limit here, but should be way more than
anyone needs and avoids file-level warnings later on if we exceed MAX_PATH */
if (len == 0 || len > PS_MAX_SID_LENGTH) {
- php_error_docref(NULL, E_WARNING, "Prefix cannot be larger than 256 characters");
+ php_error_docref(NULL, E_WARNING, "Prefix or name cannot be larger than 256 characters");
return FAILURE;
}
diff --git a/ext/session/tests/rfc1867_sid_invalid.phpt b/ext/session/tests/rfc1867_sid_invalid.phpt
index 98594ba9073b0..be5756507d682 100644
--- a/ext/session/tests/rfc1867_sid_invalid.phpt
+++ b/ext/session/tests/rfc1867_sid_invalid.phpt
@@ -52,13 +52,13 @@ session_destroy();
@unlink(__DIR__ . DIRECTORY_SEPARATOR . "rfc1867_sid_invalid.post.txt");
?>
--EXPECTF--
-Warning: PHP Request Startup: Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
+Warning: PHP Request Startup: Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
Warning: PHP Request Startup: Failed to read session data: files (path: ) in Unknown on line 0
Warning: PHP Request Startup: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0
-Warning: PHP Request Startup: Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
+Warning: PHP Request Startup: Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
Warning: PHP Request Startup: Failed to read session data: files (path: ) in Unknown on line 0
diff --git a/ext/session/tests/session_create_id_invalid_prefix.phpt b/ext/session/tests/session_create_id_invalid_prefix.phpt
index 785c23049e5ab..4a25f338037ad 100644
--- a/ext/session/tests/session_create_id_invalid_prefix.phpt
+++ b/ext/session/tests/session_create_id_invalid_prefix.phpt
@@ -22,13 +22,13 @@ try {
?>
Done
--EXPECTF--
-Warning: session_create_id(): Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
+Warning: session_create_id(): Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
bool(false)
-Warning: session_create_id(): Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
+Warning: session_create_id(): Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
bool(false)
-Warning: session_create_id(): Prefix cannot be larger than 256 characters in %s on line %d
+Warning: session_create_id(): Prefix or name cannot be larger than 256 characters in %s on line %d
bool(false)
session_create_id(): Argument #1 ($prefix) must not contain any null bytes
Done
From 802f9ba4d3efaa114deef1a8d96dfcd13ca4fbb9 Mon Sep 17 00:00:00 2001
From: Jorg Sowa <jorg.sowa@gmail.com>
Date: Wed, 14 Aug 2024 22:01:02 +0200
Subject: [PATCH 4/6] Added ValueError and reverted other changes
---
ext/session/mod_files.c | 1 +
ext/session/session.c | 7 +++++--
ext/session/tests/rfc1867_sid_invalid.post | 13 +++++++++++++
.../tests/session_create_id_invalid_prefix.phpt | 13 +++++--------
4 files changed, 24 insertions(+), 10 deletions(-)
create mode 100644 ext/session/tests/rfc1867_sid_invalid.post
diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index 83c463823b74f..74e77973405b2 100644
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -166,6 +166,7 @@ static void ps_files_open(ps_files *data, /* const */ zend_string *key)
ps_files_close(data);
if (php_session_valid_key(ZSTR_VAL(key)) == FAILURE) {
+ php_error_docref(NULL, E_WARNING, "Session ID is too long or contains illegal characters. Only the A-Z, a-z, 0-9, \"-\", and \",\" characters are allowed");
return;
}
diff --git a/ext/session/session.c b/ext/session/session.c
index 388c4b6c10e24..32de7c36d7813 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -368,7 +368,6 @@ PHPAPI zend_result php_session_valid_key(const char *key) /* {{{ */
|| (c >= '0' && c <= '9')
|| c == ','
|| c == '-')) {
- php_error_docref(NULL, E_WARNING, "Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, \"-\", and \",\" characters are allowed");
return FAILURE;
}
}
@@ -378,7 +377,6 @@ PHPAPI zend_result php_session_valid_key(const char *key) /* {{{ */
/* Somewhat arbitrary length limit here, but should be way more than
anyone needs and avoids file-level warnings later on if we exceed MAX_PATH */
if (len == 0 || len > PS_MAX_SID_LENGTH) {
- php_error_docref(NULL, E_WARNING, "Prefix or name cannot be larger than 256 characters");
return FAILURE;
}
@@ -2385,8 +2383,13 @@ PHP_FUNCTION(session_create_id)
}
if (prefix && ZSTR_LEN(prefix)) {
+ if (ZSTR_LEN(prefix) > PS_MAX_SID_LENGTH) {
+ zend_argument_value_error(1, "cannot be longer than %d characters", PS_MAX_SID_LENGTH);
+ RETURN_THROWS();
+ }
if (php_session_valid_key(ZSTR_VAL(prefix)) == FAILURE) {
/* E_ERROR raised for security reason. */
+ php_error_docref(NULL, E_WARNING, "Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, \"-\", and \",\" characters are allowed");
RETURN_FALSE;
} else {
smart_str_append(&id, prefix);
diff --git a/ext/session/tests/rfc1867_sid_invalid.post b/ext/session/tests/rfc1867_sid_invalid.post
new file mode 100644
index 0000000000000..2ea939023c597
--- /dev/null
+++ b/ext/session/tests/rfc1867_sid_invalid.post
@@ -0,0 +1,13 @@
+-----------------------------20896060251896012921717172737
+Content-Disposition: form-data; name="PHP_SESSION_UPLOAD_PROGRESS"
+
+rfc1867_sid_invalid.php
+-----------------------------20896060251896012921717172737
+Content-Disposition: form-data; name="file1"; filename="file1.txt"
+
+1
+-----------------------------20896060251896012921717172737
+Content-Disposition: form-data; name="file2"; filename="file2.txt"
+
+2
+-----------------------------20896060251896012921717172737--
\ No newline at end of file
diff --git a/ext/session/tests/session_create_id_invalid_prefix.phpt b/ext/session/tests/session_create_id_invalid_prefix.phpt
index 4a25f338037ad..9be05519ce6ef 100644
--- a/ext/session/tests/session_create_id_invalid_prefix.phpt
+++ b/ext/session/tests/session_create_id_invalid_prefix.phpt
@@ -12,23 +12,20 @@ session
var_dump(session_create_id('_'));
var_dump(session_create_id('%'));
-var_dump(session_create_id('ABTgdPs68S3M4HMaqKwj33TzqLMv5PHpWQxJbfpeogEhrJRY7o9f33pKLCmhf0tXCtoBkIu0yxXYCSHfJhPd2miPUW4MIpd91dnEiOwWDfaBnfdJZOwgvgmYLSfDGaebqmnCAoyuzlcq2j59nNRhccgJIkr9ytY3RwFTTXszpcjpx6mlJuG9GksKAhPsnnaEwSEb0eFyqvn80gYI2roKSjaFSmJxg0xgXuCF4csMo8DxiSvovho5QTKx5u7h8VyQL'));
try {
+ var_dump(session_create_id('ABTgdPs68S3M4HMaqKwj33TzqLMv5PHpWQxJbfpeogEhrJRY7o9f33pKLCmhf0tXCtoBkIu0yxXYCSHfJhPd2miPUW4MIpd91dnEiOwWDfaBnfdJZOwgvgmYLSfDGaebqmnCAoyuzlcq2j59nNRhccgJIkr9ytY3RwFTTXszpcjpx6mlJuG9GksKAhPsnnaEwSEb0eFyqvn80gYI2roKSjaFSmJxg0xgXuCF4csMo8DxiSvovho5QTKx5u7h8VyQL'));
var_dump(session_create_id("AB\0CD"));
} catch (Throwable $e) {
- echo $e->getMessage() . "\n";
+ echo $e::class . ': ' . $e->getMessage() . "\n";
}
?>
Done
--EXPECTF--
-Warning: session_create_id(): Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
+Warning: session_create_id(): Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
bool(false)
-Warning: session_create_id(): Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
+Warning: session_create_id(): Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
bool(false)
-
-Warning: session_create_id(): Prefix or name cannot be larger than 256 characters in %s on line %d
-bool(false)
-session_create_id(): Argument #1 ($prefix) must not contain any null bytes
+ValueError: session_create_id(): Argument #1 ($prefix) cannot be longer than 256 characters
Done
From 0a2b1a2756914d3da78dd6dca9bd192400b7185b Mon Sep 17 00:00:00 2001
From: Jorg Sowa <jorg.sowa@gmail.com>
Date: Wed, 14 Aug 2024 22:04:20 +0200
Subject: [PATCH 5/6] Fixed test rfc1867_sid_invalid
---
ext/session/tests/rfc1867_sid_invalid.phpt | 4 ++--
ext/session/tests/rfc1867_sid_invalid.post | 13 -------------
2 files changed, 2 insertions(+), 15 deletions(-)
delete mode 100644 ext/session/tests/rfc1867_sid_invalid.post
diff --git a/ext/session/tests/rfc1867_sid_invalid.phpt b/ext/session/tests/rfc1867_sid_invalid.phpt
index be5756507d682..fe01b5a8ba2aa 100644
--- a/ext/session/tests/rfc1867_sid_invalid.phpt
+++ b/ext/session/tests/rfc1867_sid_invalid.phpt
@@ -52,13 +52,13 @@ session_destroy();
@unlink(__DIR__ . DIRECTORY_SEPARATOR . "rfc1867_sid_invalid.post.txt");
?>
--EXPECTF--
-Warning: PHP Request Startup: Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
+Warning: PHP Request Startup: Session ID is too long or contains illegal characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
Warning: PHP Request Startup: Failed to read session data: files (path: ) in Unknown on line 0
Warning: PHP Request Startup: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0
-Warning: PHP Request Startup: Prefix or name cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
+Warning: PHP Request Startup: Session ID is too long or contains illegal characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in Unknown on line 0
Warning: PHP Request Startup: Failed to read session data: files (path: ) in Unknown on line 0
diff --git a/ext/session/tests/rfc1867_sid_invalid.post b/ext/session/tests/rfc1867_sid_invalid.post
deleted file mode 100644
index 2ea939023c597..0000000000000
--- a/ext/session/tests/rfc1867_sid_invalid.post
+++ /dev/null
@@ -1,13 +0,0 @@
------------------------------20896060251896012921717172737
-Content-Disposition: form-data; name="PHP_SESSION_UPLOAD_PROGRESS"
-
-rfc1867_sid_invalid.php
------------------------------20896060251896012921717172737
-Content-Disposition: form-data; name="file1"; filename="file1.txt"
-
-1
------------------------------20896060251896012921717172737
-Content-Disposition: form-data; name="file2"; filename="file2.txt"
-
-2
------------------------------20896060251896012921717172737--
\ No newline at end of file
From 8cf171377425f07fd77276cd03cab9a304cae768 Mon Sep 17 00:00:00 2001
From: Jorg Sowa <jorg.sowa@gmail.com>
Date: Wed, 14 Aug 2024 22:06:07 +0200
Subject: [PATCH 6/6] Fixed session_create_id_invalid_prefix test
---
ext/session/tests/session_create_id_invalid_prefix.phpt | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/ext/session/tests/session_create_id_invalid_prefix.phpt b/ext/session/tests/session_create_id_invalid_prefix.phpt
index 9be05519ce6ef..7de7e8061f689 100644
--- a/ext/session/tests/session_create_id_invalid_prefix.phpt
+++ b/ext/session/tests/session_create_id_invalid_prefix.phpt
@@ -12,8 +12,14 @@ session
var_dump(session_create_id('_'));
var_dump(session_create_id('%'));
+
try {
var_dump(session_create_id('ABTgdPs68S3M4HMaqKwj33TzqLMv5PHpWQxJbfpeogEhrJRY7o9f33pKLCmhf0tXCtoBkIu0yxXYCSHfJhPd2miPUW4MIpd91dnEiOwWDfaBnfdJZOwgvgmYLSfDGaebqmnCAoyuzlcq2j59nNRhccgJIkr9ytY3RwFTTXszpcjpx6mlJuG9GksKAhPsnnaEwSEb0eFyqvn80gYI2roKSjaFSmJxg0xgXuCF4csMo8DxiSvovho5QTKx5u7h8VyQL'));
+} catch (Throwable $e) {
+ echo $e::class . ': ' . $e->getMessage() . "\n";
+}
+
+try {
var_dump(session_create_id("AB\0CD"));
} catch (Throwable $e) {
echo $e::class . ': ' . $e->getMessage() . "\n";
@@ -28,4 +34,5 @@ bool(false)
Warning: session_create_id(): Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed in %s on line %d
bool(false)
ValueError: session_create_id(): Argument #1 ($prefix) cannot be longer than 256 characters
+ValueError: session_create_id(): Argument #1 ($prefix) must not contain any null bytes
Done