archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix GH-13680: Segfault with session_decode and compilation error

Browse source 
It's illegal to return from a bailout because that doesn't restore the
original bailout data. Return outside of it.

Test by YuanchengJiang

Closes GH-13689.
This commit is contained in:
Niels Dossche 2024-03-12 21:10:53 +01:00
parent 809446d3d1
commit 6985aff7c3
3 changed files with 32 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ext/session/session.c
View file

@ -259,16 +259,17 @@ static zend_result php_session_decode(zend_string *data) /* {{{ */
php_error_docref(NULL, E_WARNING, "Unknown session.serialize_handler. Failed to decode session object");
return FAILURE;
}
zend_result result = SUCCESS;
zend_try {
if (PS(serializer)->decode(ZSTR_VAL(data), ZSTR_LEN(data)) == FAILURE) {
php_session_cancel_decode();
return FAILURE;
result = FAILURE;
}
} zend_catch {
php_session_cancel_decode();
zend_bailout();
} zend_end_try();
return SUCCESS;
return result;
}
/* }}} */