Fix uninitilized variables in openssl_pkcs7_encrypt() and openssl_pkcs7_sign()

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index e1f4bb56decc35729b3f2734953c3ddc69ab8e27..0139a5e3f953770e024b7b475fa025c1d89a24b9 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -3513,6 +3513,7 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
        if (zheaders) {
                zend_hash_internal_pointer_reset_ex(HASH_OF(zheaders), &hpos);
                while(zend_hash_get_current_data_ex(HASH_OF(zheaders), (void**)&zcertval, &hpos) == SUCCESS) {
+                       strindex.s = NULL;
                        zend_hash_get_current_key_ex(HASH_OF(zheaders), &strindex, &strindexlen, &intindex, 0, &hpos);
 
                        convert_to_string_ex(zcertval);
@@ -3622,6 +3623,7 @@ PHP_FUNCTION(openssl_pkcs7_sign)
        if (zheaders) {
                zend_hash_internal_pointer_reset_ex(HASH_OF(zheaders), &hpos);
                while(zend_hash_get_current_data_ex(HASH_OF(zheaders), (void**)&hval, &hpos) == SUCCESS) {
+                       strindex.s = NULL;
                        zend_hash_get_current_key_ex(HASH_OF(zheaders), &strindex, &strindexlen, &intindex, 0, &hpos);
 
                        convert_to_string_ex(hval);

diff --git a/ext/openssl/tests/023.phpt b/ext/openssl/tests/023.phpt
new file mode 100644 (file)
index 0000000..905e77e
--- /dev/null
+++ b/ext/openssl/tests/023.phpt
@@ -0,0 +1,65 @@
+--TEST--
+openssl_pkcs7_encrypt() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$infile = (binary) (dirname(__FILE__) . "/cert.crt");
+$outfile = (binary) tempnam(b"/tmp", b"ssl");
+if ($outfile === false)
+       die("failed to get a temporary filename!");
+
+$single_cert = (binary) ("file://" . dirname(__FILE__) . "/cert.crt");
+$multi_certs = array($single_cert, $single_cert);
+$assoc_headers = array("To" => "test@test", "Subject" => "testing openssl_pkcs7_encrypt()");
+$assoc_headers_bin = array(b"To" => b"test@test", b"Subject" => b"testing openssl_pkcs7_encrypt()");
+$headers = array("test@test", "testing openssl_pkcs7_encrypt()");
+$headers_bin = array(b"test@test", b"testing openssl_pkcs7_encrypt()");
+$empty_headers = array();
+$unicode_headers = array("\u0500" => "test", "test" => "invalid unicode\u0500");
+$wrong = "wrong";
+$wrong2 = b"wrong";
+$empty = b"";
+
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $headers_bin));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $assoc_headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $assoc_headers_bin));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $empty_headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $unicode_headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $wrong));
+var_dump(openssl_pkcs7_encrypt($wrong, $outfile, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($empty, $outfile, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $empty, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $wrong, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $wrong2, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $empty, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $empty));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $multi_certs, $headers));
+
+if (file_exists($outfile)) {
+       echo "true\n";
+       unlink($outfile);
+}
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+
+Warning: openssl_pkcs7_encrypt() expects parameter 4 to be array, Unicode string given in %s on line %d
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+
+Warning: openssl_pkcs7_encrypt() expects parameter 4 to be array, binary string given in %s on line %d
+bool(false)
+bool(true)
+true

diff --git a/ext/openssl/tests/025.phpt b/ext/openssl/tests/025.phpt
new file mode 100644 (file)
index 0000000..b0d655b
--- /dev/null
+++ b/ext/openssl/tests/025.phpt
@@ -0,0 +1,83 @@
+--TEST--
+openssl_pkcs7_sign() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$infile = (binary) (dirname(__FILE__) . "/cert.crt");
+$outfile = (binary) tempnam(b"/tmp", b"ssl");
+if ($outfile === false)
+       die("failed to get a temporary filename!");
+
+$privkey = (binary) ("file://" . dirname(__FILE__) . "/private.key");
+$single_cert = (binary) ("file://" . dirname(__FILE__) . "/cert.crt");
+$assoc_headers = array("To" => "test@test", "Subject" => "testing openssl_pkcs7_sign()");
+$assoc_headers_bin = array(b"To" => b"test@test", b"Subject" => b"testing openssl_pkcs7_sign()");
+$headers = array("test@test", "testing openssl_pkcs7_sign()");
+$headers_bin = array(b"test@test", b"testing openssl_pkcs7_sign()");
+$empty_headers = array();
+$unicode_headers = array("\u0500" => "test", "test" => "invalid unicode\u0500");
+$wrong = "wrong";
+$wrong2 = b"wrong";
+$empty = b"";
+
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $headers_bin));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $assoc_headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $assoc_headers_bin));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $empty_headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $unicode_headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $wrong));
+var_dump(openssl_pkcs7_sign($wrong, $outfile, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($empty, $outfile, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $empty, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $wrong, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $wrong2, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $empty, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $empty));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $wrong, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $wrong2, $headers));
+
+if (file_exists($outfile)) {
+       echo "true\n";
+       unlink($outfile);
+}
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+
+Warning: openssl_pkcs7_sign() expects parameter 5 to be array, Unicode string given in %s on line %d
+NULL
+
+Warning: openssl_pkcs7_sign(): error opening input file %s in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error opening input file %s in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error opening output file %s in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error getting cert in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error getting cert in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error getting cert in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign() expects parameter 5 to be array, binary string given in %s on line %d
+NULL
+
+Warning: openssl_pkcs7_sign(): error getting private key in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error getting private key in %s on line %d
+bool(false)
+true

diff --git a/ext/openssl/tests/cert.crt b/ext/openssl/tests/cert.crt
new file mode 100644 (file)
index 0000000..2e77905
--- /dev/null
+++ b/ext/openssl/tests/cert.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAtWgAwIBAgIJAK7FVsxyN1CiMA0GCSqGSIb3DQEBBQUAMIGBMQswCQYD
+VQQGEwJCUjEaMBgGA1UECBMRUmlvIEdyYW5kZSBkbyBTdWwxFTATBgNVBAcTDFBv
+cnRvIEFsZWdyZTEeMBwGA1UEAxMVSGVucmlxdWUgZG8gTi4gQW5nZWxvMR8wHQYJ
+KoZIhvcNAQkBFhBobmFuZ2Vsb0BwaHAubmV0MB4XDTA4MDYzMDEwMjg0M1oXDTA4
+MDczMDEwMjg0M1owgYExCzAJBgNVBAYTAkJSMRowGAYDVQQIExFSaW8gR3JhbmRl
+IGRvIFN1bDEVMBMGA1UEBxMMUG9ydG8gQWxlZ3JlMR4wHAYDVQQDExVIZW5yaXF1
+ZSBkbyBOLiBBbmdlbG8xHzAdBgkqhkiG9w0BCQEWEGhuYW5nZWxvQHBocC5uZXQw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMteno+QK1ulX4/WDAVBYfoTPRTz
+e4SZLwgael4jwWTytj+8c5nNllrFELD6WjJzfjaoIMhCF4w4I2bkWR6/PTqrvnv+
+iiiItHfKvJgYqIobUhkiKmWa2wL3mgqvNRIqTrTC4jWZuCkxQ/ksqL9O/F6zk+aR
+S1d+KbPaqCR5Rw+lAgMBAAGjgekwgeYwHQYDVR0OBBYEFNt+QHK9XDWF7CkpgRLo
+Ymhqtz99MIG2BgNVHSMEga4wgauAFNt+QHK9XDWF7CkpgRLoYmhqtz99oYGHpIGE
+MIGBMQswCQYDVQQGEwJCUjEaMBgGA1UECBMRUmlvIEdyYW5kZSBkbyBTdWwxFTAT
+BgNVBAcTDFBvcnRvIEFsZWdyZTEeMBwGA1UEAxMVSGVucmlxdWUgZG8gTi4gQW5n
+ZWxvMR8wHQYJKoZIhvcNAQkBFhBobmFuZ2Vsb0BwaHAubmV0ggkArsVWzHI3UKIw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCP1GUnStC0TBqngr3Kx+zS
+UW8KutKO0ORc5R8aV/x9LlaJrzPyQJgiPpu5hXogLSKRIHxQS3X2+Y0VvIpW72LW
+PVKPhYlNtO3oKnfoJGKin0eEhXRZMjfEW/kznY+ZZmNifV2r8s+KhNAqI4PbClvn
+4vh8xF/9+eVEj+hM+0OflA==
+-----END CERTIFICATE-----

diff --git a/ext/openssl/tests/private.key b/ext/openssl/tests/private.key
new file mode 100644 (file)
index 0000000..bce512e
--- /dev/null
+++ b/ext/openssl/tests/private.key
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDLXp6PkCtbpV+P1gwFQWH6Ez0U83uEmS8IGnpeI8Fk8rY/vHOZ
+zZZaxRCw+loyc342qCDIQheMOCNm5Fkevz06q757/oooiLR3yryYGKiKG1IZIipl
+mtsC95oKrzUSKk60wuI1mbgpMUP5LKi/Tvxes5PmkUtXfimz2qgkeUcPpQIDAQAB
+AoGBAMcP/dp+fsI9FFYBaVC3mASlUjOwxKWdH3kqGb8N9p4uKRAoEWtp3hNJM7ZX
+x3P8sn0jgrsiXlRFGvn65/T9shp8hj+CdJKg2jKCs7S58v60TLfSvOQSIYsw9Qm9
+Bsx4hKfz+d52ptuJRbv8tDxsYP3D/KjQfpX1OysiP/WBfeg9AkEA+AGT0goqjWOM
+YgFtZGrefIegF31XSCQTaLIml6/2JwF+oBKjJUQFar2Rwn6qUwrsGtSPMM0Iz8ry
+9uvUbs8PPwJBANHsuTVWzLf8TJNGc+xIlhvzKFkF0nJIWx4ozhlMNDQMMF/3FRSo
+zvHIgUnpG9Vwa2GtjTDnD8jHtzTauAZmjBsCQCGDVQ5VAVsJ0LaNqtKe/mGlkiSa
+c2j0Nws2x7BHvuOWeB35ZsJqZrD93OyDYVDHcRBPGOpnSoGJ0zs6swImSNECQHSH
+0BgH4wSPDYMDrP4RHSLOzCr+zF+cQthvFll8r83kpkXfRth9DMOy5fI9cLH/Adzr
+FmF7Iov2MYEpmNYUvtkCQHfW0ntkVY9xS2/VTs57F5tUkfNG2hG74pJM6vSfTNWn
+R/oI5m2sDtRWQ88LCYJMEmIZhN00Ys4xOSoTs+SUakY=
+-----END RSA PRIVATE KEY-----