From 0be5634a455091c98962ae094792fa644fca06f3 Mon Sep 17 00:00:00 2001 From: Niels Dossche <7771979+nielsdos@users.noreply.github.com> Date: Mon, 1 Apr 2024 13:39:38 +0200 Subject: [PATCH] Fix GH-13856: Member access within null pointer of type 'ps_files' in ext/session/mod_files.c We should not mark the session as opened when there was a failure in open. --- ext/session/mod_user_class.c | 6 ++++-- ext/session/tests/gh13856.phpt | 19 +++++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 ext/session/tests/gh13856.phpt diff --git a/ext/session/mod_user_class.c b/ext/session/mod_user_class.c index d5b71da52c282..853db659887be 100644 --- a/ext/session/mod_user_class.c +++ b/ext/session/mod_user_class.c @@ -47,8 +47,6 @@ PHP_METHOD(SessionHandler, open) PS_SANITY_CHECK; - PS(mod_user_is_open) = 1; - zend_try { ret = PS(default_mod)->s_open(&PS(mod_data), save_path, session_name); } zend_catch { @@ -56,6 +54,10 @@ PHP_METHOD(SessionHandler, open) zend_bailout(); } zend_end_try(); + if (SUCCESS == ret) { + PS(mod_user_is_open) = 1; + } + RETURN_BOOL(SUCCESS == ret); } /* }}} */ diff --git a/ext/session/tests/gh13856.phpt b/ext/session/tests/gh13856.phpt new file mode 100644 index 0000000000000..a6d9fa0eaedb7 --- /dev/null +++ b/ext/session/tests/gh13856.phpt @@ -0,0 +1,19 @@ +--TEST-- +GH-13856 (Member access within null pointer of type 'ps_files' in ext/session/mod_files.c) +--EXTENSIONS-- +session +--INI-- +session.save_handler=files +open_basedir=. +error_reporting=E_ALL +--FILE-- + +--EXPECTF-- +Warning: SessionHandler::open(): open_basedir restriction in effect. File(%s) is not within the allowed path(s): (.) in %s on line %d + +Warning: SessionHandler::close(): Parent session handler is not open in %s on line %d + +Warning: session_start(): Failed to initialize storage module: user (path: ) in %s on line %d