Make sure that we set the strong crypto result to false as well as returning false.

diff --git a/NEWS b/NEWS
index 71d070823b09c8a44f55fae78e7b5a180662f33e..0c11327bf42ea364551ee4753e6513728d249204 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -18,6 +18,10 @@ PHP                                                                        NEWS
 
 - Intl:
   . Added support for UTS #46. (Gustavo)
+  
+- OpenSSL:
+  . On error in openssl_random_pseudo_bytes() make sure we set strong result
+    to false. (Scott)
 
 - Reflection:
   . Fixed bug #60367 (Reflection and Late Static Binding). (Laruence)

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index b5059ebc54dfcb6b4d53192925533da971e7730c..4f37f08f8e7782fd593c9c9957d9b2bf7a1922f2 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -4941,13 +4941,19 @@ PHP_FUNCTION(openssl_random_pseudo_bytes)
 #ifdef PHP_WIN32
        strong_result = 1;
        /* random/urandom equivalent on Windows */
-       if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == FAILURE){
+       if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == FAILURE) {
                efree(buffer);
+               if (zstrong_result_returned) {
+                       ZVAL_BOOL(zstrong_result_returned, 0);
+               }
                RETURN_FALSE;
        }
 #else
        if ((strong_result = RAND_pseudo_bytes(buffer, buffer_length)) < 0) {
                efree(buffer);
+               if (zstrong_result_returned) {
+                       ZVAL_BOOL(zstrong_result_returned, 0);
+               }
                RETURN_FALSE;
        }
 #endif