ext/standard: throw ValueError if argument contains null byte in session_module_name()

Girgias · Girgias · commit b7ba070702c6 · 2026-02-06T16:16:45.000Z
And fix error message to use 'must not' rather than 'cannot'
diff --git a/UPGRADING b/UPGRADING
@@ -23,6 +23,10 @@ PHP 8.6 UPGRADE NOTES
   . Invalid values now throw in Phar::mungServer() instead of being silently
     ignored.
 
+- Session:
+  . A ValueError is not thrown if $name is a string containing null bytes in
+    session_module_name().
+
 - Standard:
   . Invalid mode values now throw in array_filter() instead of being silently
     defaulted to 0.
diff --git a/ext/session/session.c b/ext/session/session.c
@@ -1996,9 +1996,8 @@ PHP_FUNCTION(session_name)
 PHP_FUNCTION(session_module_name)
 {
 	zend_string *name = NULL;
-	zend_string *ini_name;
 
-	if (zend_parse_parameters(ZEND_NUM_ARGS(), "|S!", &name) == FAILURE) {
+	if (zend_parse_parameters(ZEND_NUM_ARGS(), "|P!", &name) == FAILURE) {
 		RETURN_THROWS();
 	}
 
@@ -2015,7 +2014,7 @@ PHP_FUNCTION(session_module_name)
 
 	if (name) {
 		if (zend_string_equals_ci(name, ZSTR_KNOWN(ZEND_STR_USER))) {
-			zend_argument_value_error(1, "cannot be \"user\"");
+			zend_argument_value_error(1, "must not be \"user\"");
 			RETURN_THROWS();
 		}
 		if (!_php_find_ps_module(ZSTR_VAL(name))) {
@@ -2029,7 +2028,7 @@ PHP_FUNCTION(session_module_name)
 		}
 		PS(mod_data) = NULL;
 
-		ini_name = ZSTR_INIT_LITERAL("session.save_handler", false);
+		zend_string *ini_name = ZSTR_INIT_LITERAL("session.save_handler", false);
 		zend_alter_ini_entry(ini_name, name, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
 		zend_string_release_ex(ini_name, false);
 	}
diff --git a/ext/session/tests/bug73100.phpt b/ext/session/tests/bug73100.phpt
@@ -24,5 +24,5 @@ bool(true)
 
 Warning: session_module_name(): Session save handler module cannot be changed when a session is active (started from %s on line %d) in %s on line %d
 bool(true)
-session_module_name(): Argument #1 ($module) cannot be "user"
+session_module_name(): Argument #1 ($module) must not be "user"
 ===DONE===
diff --git a/ext/session/tests/session_module_name_errors.phpt b/ext/session/tests/session_module_name_errors.phpt
@@ -0,0 +1,22 @@
+--TEST--
+session_module_name(): errors
+--EXTENSIONS--
+session
+--FILE--
+<?php
+
+try {
+	var_dump(session_module_name("user"));
+} catch (Throwable $e) {
+	echo $e::class, ': ', $e->getMessage(), PHP_EOL;
+}
+try {
+	var_dump(session_module_name("fi\0le"));
+} catch (Throwable $e) {
+	echo $e::class, ': ', $e->getMessage(), PHP_EOL;
+}
+
+?>
+--EXPECT--
+ValueError: session_module_name(): Argument #1 ($module) must not be "user"
+ValueError: session_module_name(): Argument #1 ($module) must not contain any null bytes

Original file line number	Diff line number	Diff line change
`@@ -1996,9 +1996,8 @@ PHP_FUNCTION(session_name)`
`1996`	`1996`	`PHP_FUNCTION(session_module_name)`
`1997`	`1997`	`{`
`1998`	`1998`	`zend_string *name = NULL;`
`1999`		`- zend_string *ini_name;`
`2000`	`1999`
`2001`		`- if (zend_parse_parameters(ZEND_NUM_ARGS(), "\|S!", &name) == FAILURE) {`
	`2000`	`+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "\|P!", &name) == FAILURE) {`
`2002`	`2001`	`RETURN_THROWS();`
`2003`	`2002`	`}`
`2004`	`2003`
`@@ -2015,7 +2014,7 @@ PHP_FUNCTION(session_module_name)`
`2015`	`2014`
`2016`	`2015`	`if (name) {`
`2017`	`2016`	`if (zend_string_equals_ci(name, ZSTR_KNOWN(ZEND_STR_USER))) {`
`2018`		`- zend_argument_value_error(1, "cannot be \"user\"");`
	`2017`	`+ zend_argument_value_error(1, "must not be \"user\"");`
`2019`	`2018`	`RETURN_THROWS();`
`2020`	`2019`	`}`
`2021`	`2020`	`if (!_php_find_ps_module(ZSTR_VAL(name))) {`
`@@ -2029,7 +2028,7 @@ PHP_FUNCTION(session_module_name)`
`2029`	`2028`	`}`
`2030`	`2029`	`PS(mod_data) = NULL;`
`2031`	`2030`
`2032`		`- ini_name = ZSTR_INIT_LITERAL("session.save_handler", false);`
	`2031`	`+ zend_string *ini_name = ZSTR_INIT_LITERAL("session.save_handler", false);`
`2033`	`2032`	`zend_alter_ini_entry(ini_name, name, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);`
`2034`	`2033`	`zend_string_release_ex(ini_name, false);`
`2035`	`2034`	`}`