Skip to content

Commit

Permalink
Strict session. Detect session id collision
Browse files Browse the repository at this point in the history
  • Loading branch information
@smalyshev
Yasuo Ohgaki authored and smalyshev committed Aug 4, 2013
1 parent 25e8fcc commit 82b0e8b
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 2 deletions.
15 changes: 14 additions & 1 deletion ext/session/mod_files.c
View file
Expand Up @@ -459,9 +459,22 @@ PS_GC_FUNC(files)
PS_CREATE_SID_FUNC(files)
{
char *sid;
int maxfail = 3;
PS_FILES_DATA;

sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
do {
sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
/* Check collision */
if (ps_files_key_exists(data, sid TSRMLS_CC) == SUCCESS) {
if (sid) {
efree(sid);
sid = NULL;
}
if (!(maxfail--)) {
return NULL;
}
}
} while(!sid);

return sid;
}
Expand Down
15 changes: 14 additions & 1 deletion ext/session/mod_mm.c
View file
Expand Up @@ -479,9 +479,22 @@ PS_GC_FUNC(mm)
PS_CREATE_SID_FUNC(mm)
{
char *sid;
int maxfail = 3;
PS_MM_DATA;

sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
do {
sid = php_session_create_id((void **)&data, newlen TSRMLS_CC);
/* Check collision */
if (ps_mm_key_exists(data, sid TSRMLS_CC) == SUCCESS) {
if (sid) {
efree(sid);
sid = NULL;
}
if (!(maxfail--)) {
return NULL;
}
}
} while(!sid);

return sid;
}
Expand Down

0 comments on commit 82b0e8b

Please sign in to comment.