From 4b01cd1bf3fbd115106f8a9956094a9d5de76a00 Mon Sep 17 00:00:00 2001 From: Gina Peter Banyard Date: Tue, 10 Feb 2026 12:17:47 +0000 Subject: [PATCH 1/3] ext/session/mod_mm: implement VALIDATE_SID handler (#21178) Rather than "manually" doing it in the READ handler. At the same time, get rid of various inconsistent legacy handler macro definitions, thus mandating all modules to implement the create and validate SID handlers. The only handler that remains optional is the update timestamp one. --- UPGRADING.INTERNALS | 6 ++++++ ext/session/mod_mm.c | 42 +++++++++++++++++++-------------------- ext/session/php_session.h | 27 +++++-------------------- 3 files changed, 32 insertions(+), 43 deletions(-) diff --git a/UPGRADING.INTERNALS b/UPGRADING.INTERNALS index c79bd44556da7..c4ad30b9bad5f 100644 --- a/UPGRADING.INTERNALS +++ b/UPGRADING.INTERNALS @@ -100,6 +100,12 @@ PHP 8.6 INTERNALS UPGRADE NOTES `void **mod_data, zend_string *save_path, zend_string *session_name` rather than `void **mod_data, const char *save_path, const char *session_name` + . PS_FUNCS() now includes the PS_VALIDATE_SID_FUNC() + . PS_MOD() now requires that the PS_CREATE_SID_FUNC() and + PS_VALIDATE_SID_FUNC() functions are defined. + . PS_FUNCS_SID() and PS_MOD_SID() have been removed. + Either use PS_FUNCS()/PS_MOD() or PS_FUNCS_UPDATE_TIMESTAMP()/ + PS_MOD_UPDATE_TIMESTAMP() if timestamp support exists. - ext/standard: . _php_error_log() now has a formal return type of zend_result. diff --git a/ext/session/mod_mm.c b/ext/session/mod_mm.c index a2d9a5641e7f1..d6312c5fa1f3c 100644 --- a/ext/session/mod_mm.c +++ b/ext/session/mod_mm.c @@ -215,7 +215,7 @@ static zend_result ps_mm_key_exists(ps_mm *data, const zend_string *key) } const ps_module ps_mod_mm = { - PS_MOD_SID(mm) + PS_MOD(mm) }; #define PS_MM_DATA ps_mm *data = PS_GET_MOD_DATA() @@ -346,26 +346,7 @@ PS_READ_FUNC(mm) mm_lock(data->mm, MM_LOCK_RD); - /* If there is an ID and strict mode, verify existence */ - if (PS(use_strict_mode) - && ps_mm_key_exists(data, key) == FAILURE) { - /* key points to PS(id), but cannot change here. */ - if (key) { - efree(PS(id)); - PS(id) = NULL; - } - PS(id) = PS(mod)->s_create_sid((void **)&data); - if (!PS(id)) { - return FAILURE; - } - if (PS(use_cookies)) { - PS(send_cookie) = true; - } - php_session_reset_id(); - PS(session_status) = php_session_active; - } - - sd = ps_sd_lookup(data, PS(id), false); + sd = ps_sd_lookup(data, key, false); if (sd) { *val = zend_string_init(sd->data, sd->datalen, false); ret = SUCCESS; @@ -488,4 +469,23 @@ PS_CREATE_SID_FUNC(mm) return sid; } +/* + * Check session ID existence for use_strict_mode support. + * PARAMETERS: PS_VALIDATE_SID_ARGS in php_session.h + * RETURN VALUE: SUCCESS or FAILURE. + * + * Return SUCCESS for valid key(already existing session). + * Return FAILURE for invalid key(non-existing session). + * *mod_data, *key are guaranteed to have non-NULL values. + */ +PS_VALIDATE_SID_FUNC(mm) +{ + PS_MM_DATA; + + mm_lock(data->mm, MM_LOCK_RD); + zend_result ret = ps_mm_key_exists(data, key) + mm_unlock(data->mm); + return ret; +} + #endif diff --git a/ext/session/php_session.h b/ext/session/php_session.h index 8c857d29a5fc0..8365468675853 100644 --- a/ext/session/php_session.h +++ b/ext/session/php_session.h @@ -62,7 +62,7 @@ typedef struct ps_module_struct { #define PS_VALIDATE_SID_FUNC(x) zend_result ps_validate_sid_##x(PS_VALIDATE_SID_ARGS) #define PS_UPDATE_TIMESTAMP_FUNC(x) zend_result ps_update_timestamp_##x(PS_UPDATE_TIMESTAMP_ARGS) -/* Legacy save handler module definitions */ +/* Save handler module definitions without timestamp enabled */ #define PS_FUNCS(x) \ PS_OPEN_FUNC(x); \ PS_CLOSE_FUNC(x); \ @@ -70,32 +70,15 @@ typedef struct ps_module_struct { PS_WRITE_FUNC(x); \ PS_DESTROY_FUNC(x); \ PS_GC_FUNC(x); \ - PS_CREATE_SID_FUNC(x) + PS_CREATE_SID_FUNC(x) \ + PS_VALIDATE_SID_FUNC(x); #define PS_MOD(x) \ - #x, ps_open_##x, ps_close_##x, ps_read_##x, ps_write_##x, \ - ps_delete_##x, ps_gc_##x, php_session_create_id, \ - php_session_validate_sid, php_session_update_timestamp - -/* Legacy SID creation enabled save handler module definitions */ -#define PS_FUNCS_SID(x) \ - PS_OPEN_FUNC(x); \ - PS_CLOSE_FUNC(x); \ - PS_READ_FUNC(x); \ - PS_WRITE_FUNC(x); \ - PS_DESTROY_FUNC(x); \ - PS_GC_FUNC(x); \ - PS_CREATE_SID_FUNC(x); \ - PS_VALIDATE_SID_FUNC(x); \ - PS_UPDATE_TIMESTAMP_FUNC(x); - -#define PS_MOD_SID(x) \ #x, ps_open_##x, ps_close_##x, ps_read_##x, ps_write_##x, \ ps_delete_##x, ps_gc_##x, ps_create_sid_##x, \ - php_session_validate_sid, php_session_update_timestamp + ps_validate_sid_##x, NULL -/* Update timestamp enabled save handler module definitions - New save handlers should use this API */ +/* Save handlers with timestamp enabled, it is recommended to use this API */ #define PS_FUNCS_UPDATE_TIMESTAMP(x) \ PS_OPEN_FUNC(x); \ PS_CLOSE_FUNC(x); \ From 26559c5815a844b344d18a994277a7b567c6cb48 Mon Sep 17 00:00:00 2001 From: Arshid Date: Tue, 10 Feb 2026 17:50:42 +0530 Subject: [PATCH 2/3] ext/readline: Returning a boolean value using RETURN_BOOL (#21186) --- ext/readline/readline.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/ext/readline/readline.c b/ext/readline/readline.c index 61129194db208..dad6a726f1bff 100644 --- a/ext/readline/readline.c +++ b/ext/readline/readline.c @@ -495,10 +495,8 @@ PHP_FUNCTION(readline_completion_function) /* NOTE: The rl_attempted_completion_function variable (and others) are part of the readline library, not php */ rl_attempted_completion_function = php_readline_completion_cb; - if (rl_attempted_completion_function == NULL) { - RETURN_FALSE; - } - RETURN_TRUE; + + RETURN_BOOL(rl_attempted_completion_function != NULL); } /* }}} */ From c995a6cb4b7e26fb79daf79672ccad1079187e6c Mon Sep 17 00:00:00 2001 From: Arshid Date: Tue, 10 Feb 2026 17:56:18 +0530 Subject: [PATCH 3/3] ext/ftp: Returning a boolean value using RETURN_BOOL (#21187) --- ext/ftp/php_ftp.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/ext/ftp/php_ftp.c b/ext/ftp/php_ftp.c index ffba1192f0581..245d95bf1260b 100644 --- a/ext/ftp/php_ftp.c +++ b/ext/ftp/php_ftp.c @@ -678,11 +678,8 @@ PHP_FUNCTION(ftp_pasv) } GET_FTPBUF(ftp, z_ftp); - if (!ftp_pasv(ftp, pasv ? 1 : 0)) { - RETURN_FALSE; - } + RETURN_BOOL(ftp_pasv(ftp, pasv ? 1 : 0)); - RETURN_TRUE; } /* }}} */