Thanks to visit codestin.com
Credit goes to github.com

Skip to content

session: Stop using php_combined_lcg() #13568

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Mar 2, 2024
Merged

session: Stop using php_combined_lcg() #13568

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
cb89900
session: Slightly reorder the members within the module globals
TimWolla Mar 1, 2024
4e14ea8
session: Stop using php_combined_lcg()
TimWolla Mar 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 15 additions & 11 deletions ext/session/php_session.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@

#include "ext/standard/php_var.h"
#include "ext/hash/php_hash.h"
#include "ext/random/php_random.h"

#define PHP_SESSION_API 20161017

Expand Down Expand Up @@ -132,10 +133,10 @@ typedef struct _php_session_rfc1867_progress {
size_t content_length;

zval data; /* the array exported to session data */
zval *post_bytes_processed; /* data["bytes_processed"] */
zval files; /* data["files"] array */
zval current_file; /* array of currently uploading file */
zval *post_bytes_processed; /* data["bytes_processed"] */
zval *current_file_bytes_processed;
zval current_file; /* array of currently uploading file */
} php_session_rfc1867_progress;

typedef struct _php_ps_globals {
Expand All @@ -147,19 +148,21 @@ typedef struct _php_ps_globals {
zend_long cookie_lifetime;
char *cookie_path;
char *cookie_domain;
char *cookie_samesite;
bool cookie_secure;
bool cookie_httponly;
char *cookie_samesite;
const ps_module *mod;
const ps_module *default_mod;
void *mod_data;
php_session_status session_status;
zend_string *session_started_filename;
uint32_t session_started_lineno;
int module_number;
php_random_status_state_pcgoneseq128xslrr64 random_state;
php_random_algo_with_state random;
zend_long gc_probability;
zend_long gc_divisor;
zend_long gc_maxlifetime;
int module_number;
zend_long cache_expire;
struct {
zval ps_open;
Expand All @@ -172,28 +175,29 @@ typedef struct _php_ps_globals {
zval ps_validate_sid;
zval ps_update_timestamp;
} mod_user_names;
zend_string *mod_user_class_name;
bool mod_user_implemented;
bool mod_user_is_open;
zend_string *mod_user_class_name;
const struct ps_serializer_struct *serializer;
zval http_session_vars;
bool auto_start;
bool use_cookies;
bool use_only_cookies;
bool use_trans_sid; /* contains the INI value of whether to use trans-sid */
bool send_cookie;
bool define_sid;

const struct ps_serializer_struct *serializer;
zval http_session_vars;

zend_long sid_length;
zend_long sid_bits_per_character;
bool send_cookie;
bool define_sid;

php_session_rfc1867_progress *rfc1867_progress;
bool rfc1867_enabled; /* session.upload_progress.enabled */
bool rfc1867_cleanup; /* session.upload_progress.cleanup */
char *rfc1867_prefix; /* session.upload_progress.prefix */
char *rfc1867_name; /* session.upload_progress.name */
zend_long rfc1867_freq; /* session.upload_progress.freq */
double rfc1867_min_freq; /* session.upload_progress.min_freq */
bool rfc1867_enabled; /* session.upload_progress.enabled */
bool rfc1867_cleanup; /* session.upload_progress.cleanup */

bool use_strict_mode; /* whether or not PHP accepts unknown session ids */
bool lazy_write; /* omit session write when it is possible */
Expand Down
21 changes: 15 additions & 6 deletions ext/session/session.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -387,17 +387,16 @@ PHPAPI zend_result php_session_valid_key(const char *key) /* {{{ */

static zend_long php_session_gc(bool immediate) /* {{{ */
{
int nrand;
zend_long num = -1;
bool collect = immediate;

/* GC must be done before reading session data. */
if ((PS(mod_data) || PS(mod_user_implemented))) {
if (immediate) {
PS(mod)->s_gc(&PS(mod_data), PS(gc_maxlifetime), &num);
return num;
if (!collect && PS(gc_probability) > 0) {
collect = php_random_range(PS(random), 0, PS(gc_divisor) - 1) < PS(gc_probability);
}
nrand = (zend_long) ((float) PS(gc_divisor) * php_combined_lcg());
if (PS(gc_probability) > 0 && nrand < PS(gc_probability)) {

if (collect) {
PS(mod)->s_gc(&PS(mod_data), PS(gc_maxlifetime), &num);
}
}
Expand Down Expand Up @@ -2872,6 +2871,16 @@ static PHP_GINIT_FUNCTION(ps) /* {{{ */
ZVAL_UNDEF(&ps_globals->mod_user_names.ps_validate_sid);
ZVAL_UNDEF(&ps_globals->mod_user_names.ps_update_timestamp);
ZVAL_UNDEF(&ps_globals->http_session_vars);

ps_globals->random = (php_random_algo_with_state){
.algo = &php_random_algo_pcgoneseq128xslrr64,
.state = &ps_globals->random_state,
};
php_random_uint128_t seed;
if (php_random_bytes_silent(&seed, sizeof(seed)) == FAILURE) {
seed = php_random_uint128_constant(GENERATE_SEED(), GENERATE_SEED());
}
php_random_pcgoneseq128xslrr64_seed128(ps_globals->random.state, seed);
}
/* }}} */

Expand Down