From c0147a05882661a0d4f36a4dd7841e61df8d85ce Mon Sep 17 00:00:00 2001
From: nielsdos <7771979+nielsdos@users.noreply.github.com>
Date: Sun, 25 Jun 2023 22:27:13 +0200
Subject: [PATCH] Fix GH-11529: Crash after dealing with an Apache request
In an MPM worker scenario we have 1 module, N threads. Each thread must have their globals initialised. If we only initialise the filename fields in MINIT, then the threads have an uninitialized value. If the uninitialized value is not NULL, this leads to segfaults upon access. Closes GH-11530.
---
 NEWS | 3 +++
 ext/session/session.c | 4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/NEWS b/NEWS
index 8c080920a07..0fcd9e1af0e 100644
--- a/NEWS
+++ b/NEWS
@@ -15,6 +15,9 @@ PHP NEWS
 . Fixed bug GH-11514 (PHP 8.3 build fails with --enable-mbstring enabled). (nielsdos)
+- Session:
+ . Fixed bug GH-11529 (Crash after dealing with an Apache request). (nielsdos)
+
 - zip:
 . zip extension version 1.22.0 for libzip 1.10.0. (Remi)
 . add new error macros (ER_DATA_LENGTH and ER_NOT_ALLOWED). (Remi)
diff --git a/ext/session/session.c b/ext/session/session.c
index 492bbbe612b..3ec9315d882 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -2843,6 +2843,8 @@ static PHP_GINIT_FUNCTION(ps) /* {{{ */
 ps_globals->mod_user_is_open = 0;
 ps_globals->session_vars = NULL;
 ps_globals->set_handler = 0;
+ ps_globals->session_started_filename = NULL;
+ ps_globals->session_started_lineno = 0;
 /* Unset user defined handlers */
 ZVAL_UNDEF(&ps_globals->mod_user_names.ps_open);
 ZVAL_UNDEF(&ps_globals->mod_user_names.ps_close);
@@ -2865,8 +2867,6 @@ static PHP_MINIT_FUNCTION(session) /* {{{ */
 PS(module_number) = module_number;
 PS(session_status) = php_session_none;
- PS(session_started_filename) = NULL;
- PS(session_started_lineno) = 0;
 REGISTER_INI_ENTRIES();
 #ifdef HAVE_LIBMM
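Review bot: `PS(module_number) = module_number;` and `PS(session_status) = php_session_none;` are still assigned in MINIT in the second session.c hunk, and by the commit's own reasoning MINIT does not run for every worker thread. The GINIT body starts and ends outside the first hunk, so it is not visible here whether those two fields also get a per-thread default; if they do not, other threads would read them uninitialised in the same way as the filename pointer. It is worth confirming that every `ps_globals` field that can be read before its first write is set in GINIT. The two added lines would also benefit from a short comment so they are not moved back later, e.g. `/* per-thread state: must be initialised in GINIT, not MINIT (GH-11529) */`.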