From 22dc32042a92f1ed521afaf4352cd931c20b11ea Mon Sep 17 00:00:00 2001
From: Tony Levi <tony.levi@netspot.com.au>
Date: Tue, 10 Apr 2012 13:15:39 +0930
Subject: [PATCH] MDL-32379: Fix memory leak in session_set_user

session_set_user mistakingly sets the session user to be a reference to the passed object.

This is a problem when alot of data is attached to the session user object,
as any process holding a list of these users will use more memory each time it changes user.
---
 lib/sessionlib.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/sessionlib.php b/lib/sessionlib.php
index be15e142d4b..c218c09bae0 100644
--- a/lib/sessionlib.php
+++ b/lib/sessionlib.php
@@ -1067,7 +1067,7 @@ function get_moodle_cookie() {
  * @return void
  */
 function session_set_user($user) {
-    $_SESSION['USER'] = $user;
+    $_SESSION['USER'] = clone $user;
     unset($_SESSION['USER']->description); // conserve memory
     sesskey(); // init session key
 
-- 
2.43.0