Skip to content

SEGV session #17541

New issue
New issue
Closed
Closed
SEGV session#17541
Assignees
Girgias
Labels
BugExtension: sessionStatus: Verified
@YuanchengJiang

Description

@YuanchengJiang
YuanchengJiang
opened on Jan 22, 2025

Description

The following code:

<?php
if (defined("pass3")) {
} else {
function errorHandler($errorNumber, $errorMessage, $fileName, $lineNumber) {
define("pass3", 1);
include(__FILE__);
}
set_error_handler('errorHandler');
}
ob_start();
var_dump(session_name("\t"));
var_dump(session_start());
var_dump(session_destroy());

Resulted in this output:

/home/phpfuzz/WorkSpace/flowfusion/php-src/ext/session/session.c:1571:27: runtime error: member access within null pointer of type 'zend_string' (aka 'struct _zend_string')
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /home/phpfuzz/WorkSpace/flowfusion/php-src/ext/session/session.c:1571:27

PHP Version

nightly

Operating System

No response

Metadata

Metadata

Assignees

Labels

BugExtension: sessionStatus: Verified

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions