- OpenSSL:
. Fixed bug #74022 (PHP Fast CGI crashes when reading from a pfx file).
(Anatol)
+ . Fixed bug #74099 (Memory leak with openssl_encrypt()). (Andrew Nester)
- Standard:
. Fixed bug #74005 (mail.add_x_header causes RFC-breaking lone line feed).
*poutbuf = zend_string_alloc((int)data_len + EVP_CIPHER_block_size(cipher_type), 0);
- if ((!enc || data_len > 0) &&
- !EVP_CipherUpdate(cipher_ctx, (unsigned char*)ZSTR_VAL(*poutbuf),
+ if (!EVP_CipherUpdate(cipher_ctx, (unsigned char*)ZSTR_VAL(*poutbuf),
&i, (unsigned char *)data, (int)data_len)) {
/* we don't show warning when we fail but if we ever do, then it should look like this:
if (mode->is_single_run_aead && !enc) {
php_error_docref(NULL, E_WARNING, "Failed to create cipher context");
RETURN_FALSE;
}
-
php_openssl_load_cipher_mode(&mode, cipher_type);
if (php_openssl_cipher_init(cipher_type, cipher_ctx, &mode,
--- /dev/null
+--TEST--
+Bug #74099 Memory leak with openssl_encrypt()
+--SKIPIF--
+<?php
+if (!extension_loaded("openssl")) die("skip");
+?>
+--FILE--
+<?php
+$aad = random_bytes(32);
+$iv = random_bytes(16);
+$key = random_bytes(32);
+
+$plaintext = '';
+$tag = null;
+
+$ciphertext = openssl_encrypt($plaintext, 'aes-256-gcm', $key, \OPENSSL_RAW_DATA, $iv, $tag, $aad);
+var_dump($ciphertext);
+?>
+--EXPECTF--
+string(0) ""
projects / php / commitdiff