CVE-2013-2249

mod_session_dbd: Make sure that dirty flag is respected when saving sessions, and ensure the session ID is changed each time the session changes. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1488158 13f79535-47bb-0310-9956-ffa450edef68
author: Graham Leggett <minfrin@apache.org> 2013-05-31 13:13:25 +0200
committer: Graham Leggett <minfrin@apache.org> 2013-05-31 13:13:25 +0200
commit: 3eed634c9c382265179381c05181ba683672262f (patch)
tree: 629ab2f0bcf23bac98374ff85a7fa7e3ab141e2a /modules/session/mod_session_cookie.c
parent: cosmetics. (diff)
download: apache2-3eed634c9c382265179381c05181ba683672262f.tar.xz
apache2-3eed634c9c382265179381c05181ba683672262f.zip
1 files changed, 0 insertions, 1 deletions
diff --git a/modules/session/mod_session_cookie.c b/modules/session/mod_session_cookie.c
index 15b3d9c6c5..6a02322bf1 100644
--- a/modules/session/mod_session_cookie.c
+++ b/modules/session/mod_session_cookie.c
@@ -157,7 +157,6 @@ static apr_status_t session_cookie_load(request_rec * r, session_rec ** z)
     zz->pool = m->pool;
     zz->entries = apr_table_make(m->pool, 10);
     zz->encoded = val;
-    zz->uuid = (apr_uuid_t *) apr_pcalloc(m->pool, sizeof(apr_uuid_t));
     *z = zz;
 
     /* put the session in the notes so we don't have to parse it again */
author	Graham Leggett <minfrin@apache.org>	2013-05-31 13:13:25 +0200
committer	Graham Leggett <minfrin@apache.org>	2013-05-31 13:13:25 +0200
commit	3eed634c9c382265179381c05181ba683672262f (patch)
tree	629ab2f0bcf23bac98374ff85a7fa7e3ab141e2a /modules/session/mod_session_cookie.c
parent	cosmetics. (diff)
download	apache2-3eed634c9c382265179381c05181ba683672262f.tar.xz apache2-3eed634c9c382265179381c05181ba683672262f.zip