address review comments

Girgias · jorgsowa · commit 5d010c67563f · 2024-10-13T17:58:47.000+02:00
diff --git a/ext/session/session.c b/ext/session/session.c
@@ -704,11 +704,13 @@ static PHP_INI_MH(OnUpdateName) /* {{{ */
 		}
 		return FAILURE;
 	}
-	/* Numeric session.name won't work at all */
+	/* Numeric session.name won't work at all
+	 * See https://bugs.php.net/bug.php?id=35703
+	 (TL;DR: name is stored in HashTable so numeric string is converted to int key, but lookup looks for string key). */
 	if (is_numeric_str_function(new_value, NULL, NULL)) {
 		/* Do not output error when restoring ini options. */
 		if (stage != ZEND_INI_STAGE_DEACTIVATE) {
-			php_error_docref(NULL, err_type, "session.name \"%s\" cannot be numeric or empty", ZSTR_VAL(new_value));
+			php_error_docref(NULL, err_type, "session.name \"%s\" cannot be numeric", ZSTR_VAL(new_value));
 		}
 		return FAILURE;
 	}
diff --git a/ext/session/tests/session_name_variation1.phpt b/ext/session/tests/session_name_variation1.phpt
@@ -15,6 +15,24 @@ ob_start();
 
 echo "*** Testing session_name() : variation ***\n";
 
+var_dump(session_name("\0"));
+var_dump(session_start());
+var_dump(session_name());
+var_dump(session_destroy());
+var_dump(session_name());
+
+var_dump(session_name("15"));
+var_dump(session_start());
+var_dump(session_name());
+var_dump(session_destroy());
+var_dump(session_name());
+
+var_dump(session_name("10.25"));
+var_dump(session_start());
+var_dump(session_name());
+var_dump(session_destroy());
+var_dump(session_name());
+
 var_dump(session_name("\t"));
 var_dump(session_start());
 var_dump(session_name());
@@ -33,7 +51,21 @@ ob_end_flush();
 --EXPECTF--
 *** Testing session_name() : variation ***
 
-Warning: session_name(): session.name "" cannot contain nul bytes in %s on line %d
+Warning: session_name(): session.name "" cannot contain NUL bytes in %s on line %d
+string(9) "PHPSESSID"
+bool(true)
+string(9) "PHPSESSID"
+bool(true)
+string(9) "PHPSESSID"
+
+Warning: session_name(): session.name "15" cannot be numeric in %s on line %d
+string(9) "PHPSESSID"
+bool(true)
+string(9) "PHPSESSID"
+bool(true)
+string(9) "PHPSESSID"
+
+Warning: session_name(): session.name "10.25" cannot be numeric in %s on line %d
 string(9) "PHPSESSID"
 
 Warning: session_start(): session.name cannot contain any of the following '=,;.[ \t\r\n\013\014' in %s on line %d

Original file line number	Diff line number	Diff line change
`@@ -704,11 +704,13 @@ static PHP_INI_MH(OnUpdateName) /* {{{ */`
`704`	`704`	`}`
`705`	`705`	`return FAILURE;`
`706`	`706`	`}`
`707`		`- /* Numeric session.name won't work at all */`
	`707`	`+ /* Numeric session.name won't work at all`
	`708`	`+ * See https://bugs.php.net/bug.php?id=35703`
	`709`	`+ (TL;DR: name is stored in HashTable so numeric string is converted to int key, but lookup looks for string key). */`
`708`	`710`	`if (is_numeric_str_function(new_value, NULL, NULL)) {`
`709`	`711`	`/* Do not output error when restoring ini options. */`
`710`	`712`	`if (stage != ZEND_INI_STAGE_DEACTIVATE) {`
`711`		`- php_error_docref(NULL, err_type, "session.name \"%s\" cannot be numeric or empty", ZSTR_VAL(new_value));`
	`713`	`+ php_error_docref(NULL, err_type, "session.name \"%s\" cannot be numeric", ZSTR_VAL(new_value));`
`712`	`714`	`}`
`713`	`715`	`return FAILURE;`
`714`	`716`	`}`