From 1ee90e4d81f552ce853e5c1086e06416e8ecc294 Mon Sep 17 00:00:00 2001
From: Jakub Bogusz <qboosh@pld-linux.org>
Date: Mon, 3 Nov 2003 11:10:15 +0000
Subject: [PATCH] - fix for CAN-2003-0442 (XSS in session.use_trans_sid) from
 RH

Changed files:
    php-sessid.patch -> 1.1.2.1
---
 php-sessid.patch | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 php-sessid.patch

diff --git a/php-sessid.patch b/php-sessid.patch
new file mode 100644
index 0000000..582fe86
--- /dev/null
+++ b/php-sessid.patch
@@ -0,0 +1,16 @@
+
+Fix for XSS in session.use_trans_sid support: CAN-2003-0442.
+
+--- php-4.2.2/ext/session/session.c.sessid
++++ php-4.2.2/ext/session/session.c
+@@ -84,7 +84,9 @@
+ static void php_session_output_handler(char *output, uint output_len, char **handled_output, uint *handled_output_len, int mode TSRMLS_DC)
+ {
+ 	if ((PS(session_status) == php_session_active)) {
+-		*handled_output = url_adapt_ext_ex(output, output_len, PS(session_name), PS(id), handled_output_len, (zend_bool) (mode&PHP_OUTPUT_HANDLER_END ? 1 : 0) TSRMLS_CC);
++		char *encoded = php_url_encode(PS(id), strlen(PS(id)), NULL);
++		*handled_output = url_adapt_ext_ex(output, output_len, PS(session_name), encoded, handled_output_len, (zend_bool) (mode&PHP_OUTPUT_HANDLER_END ? 1 : 0) TSRMLS_CC);
++		efree(encoded);
+ 	} else {
+ 		*handled_output = NULL;
+ 	}
-- 
2.44.0