output_buffering + trans_sess_id can corrupt session

Bug #29333	output_buffering + trans_sess_id can corrupt session
Submitted:	2004-07-22 17:26 UTC	Modified:	2004-07-23 06:14 UTC
From:	alan at akbkhome dot com	Assigned:
Status:	Closed	Package:	Output Control
PHP Version:	4.3.8	OS:	linux debian & redhat
Private report:	No	CVE-ID:	None

[2004-07-22 17:26 UTC] alan at akbkhome dot com

Description:
------------
if output_buffering is set to 4096 and trans_sess_id is used, the output may be broken:

In the reproduce example, the trans_sess_id writes
<a href="/translators/index.php/calendar/view" ?phpsessid="fa562d5bb14df890e6db68627ea76442">



Reproduce code:
---------------
http://www.akbkhome.com/svn/test_trans/.htaccess
http://www.akbkhome.com/svn/test_trans/test.php
http://www.akbkhome.com/svn/test_trans/home.html.en.php


htaccess includes:

php_value session.use_cookies 0
php_value session.use_trans_sid 1 
php_value output_buffering 4098

test.php just sets up enough variables to render the HTML

home.html.en.php is just a HTML which happens to have the url link in the right place to reproduce the bug.



Expected result:
----------------
on the "View your personal calendar": 

<a href="/translators/index.php/calendar/view?phpsessid=fa562d5bb14df890e6db68627ea76442">



Actual result:
--------------
on the "View your personal calendar": 

<a href="/translators/index.php/calendar/view" ?phpsessid="fa562d5bb14df890e6db68627ea76442">

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-07-22 17:30 UTC] alan_k@php.net

Note: this code worked perfectly on 4.3.1

[2004-07-23 05:32 UTC] iliaa@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.