]> granicus.if.org Git - php/commitdiff
Fix segfault in older versions of OpenSSL (before 0.9.8i)
authorScott MacVicar <scottmac@php.net>
Sun, 18 Dec 2011 05:14:32 +0000 (05:14 +0000)
committerScott MacVicar <scottmac@php.net>
Sun, 18 Dec 2011 05:14:32 +0000 (05:14 +0000)
NEWS
ext/openssl/openssl.c

diff --git a/NEWS b/NEWS
index ac14281145331dc28c4e26a0c0b0d81ff49195b2..486598fbdc2ce66148d0eda6969d5fb8ca80b21f 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,9 @@ PHP                                                                        NEWS
   . Added max_input_vars directive to prevent attacks based on hash collisions
     (Dmitry).
 
+- OpenSSL:
+  . Fix segfault with older versions of OpenSSL. (Scott)
+      
 - Streams:
   . Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected together
     with the last read). (Gustavo)
index 80cecf06790433f9b9ab07628a53826e9a100550..4ea443698d299584109b7233f692bc93352614b1 100644 (file)
@@ -4713,7 +4713,9 @@ PHP_FUNCTION(openssl_encrypt)
                EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
        }
        EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
-       EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+       if (data_len > 0) {
+               EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+       }
        outlen = i;
        if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
                outlen += i;