. Added max_input_vars directive to prevent attacks based on hash collisions
(Dmitry).
+- OpenSSL:
+ . Fix segfault with older versions of OpenSSL. (Scott)
+
- Streams:
. Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected together
with the last read). (Gustavo)
EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
}
EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
- EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+ if (data_len > 0) {
+ EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+ }
outlen = i;
if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
outlen += i;