]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e642375)
Fixed bug #74402 (segfault on random_bytes, bin2hex, openssl_seal)
authorXinchen Hui <laruence@gmail.com>
Mon, 10 Apr 2017 11:02:50 +0000 (19:02 +0800)
committerXinchen Hui <laruence@gmail.com>
Mon, 10 Apr 2017 11:02:50 +0000 (19:02 +0800)
NEWS patch | blob | history
ext/openssl/openssl.c patch | blob | history
ext/openssl/tests/bug74402.phpt [new file with mode: 0644] patch | blob

diff --git a/NEWS b/NEWS
index 5caecbe6cb9624ae601bdd644ce4da6002aa9727..613be686ca2978efa1525c77dc8719e974115ac9 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -15,6 +15,8 @@ PHP                                                                        NEWS
     loss). (Yussuf Khalil)
 
 - OpenSSL:
+  . Fixed bug #74402 (segfault on random_bytes, bin2hex, openssl_seal).
+    (Laruence)
   . Fixed bug #74341 (openssl_x509_parse fails to parse ASN.1 UTCTime without
     seconds). (Moritz Fain)
 
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 7a8ccc0a99d34b9cc7b97fd0261c2a3344bcdb25..1ea4d07e099761900743f64c33e055baeaa26d79 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -5399,7 +5399,6 @@ PHP_FUNCTION(openssl_seal)
 
        if (len1 + len2 > 0) {
                zval_dtor(sealdata);
-               buf[len1 + len2] = '\0';
                ZVAL_NEW_STR(sealdata, zend_string_init((char*)buf, len1 + len2, 0));
                efree(buf);
 
diff --git a/ext/openssl/tests/bug74402.phpt b/ext/openssl/tests/bug74402.phpt
new file mode 100644 (file)
index 0000000..8cd9836
--- /dev/null
+++ b/ext/openssl/tests/bug74402.phpt
@@ -0,0 +1,30 @@
+--TEST--
+Bug #74402 (segfault on random_bytes, bin3hex, openssl_seal)
+--SKIPIF--
+<?php
+if (!extension_loaded("openssl")) {
+       print "skip";
+}
+if (!in_array('AES256', openssl_get_cipher_methods(true))) {
+       print "skip";
+}
+?>
+--FILE--
+<?php
+$data = "23153b1cf683cb16f8d71190a7c42f38fecda27c29a7bc8991c9f6a2a63602bf";
+$key = array("-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvjCLfpS0MyilIjR+IsH
+HPH8TqFUCw4kTAVmTy9SDZV9hHYY2EPgrlTd7gvMP/DWipvBD6Y5w2bPdAQoXr5D
+qEKAGkE+1El4hS8XyuOdYXSYTDH1HPSlFiGdgsnlkFcbh/fJyzIKBaGLnWxsjhiS
+deiI7KuEkI9zt+X2r4KqFt/dhnXz0kcB1M7qyhQ6Rvijgjy/A1LsN4ZAREFLCEjb
+1AP9nk0QAUHWcG5MvbgsE20Pn4R5wFsMFBTvNmb34jHFREgR9j4DYcV5FFR3tKb8
+3XtjE9/kjfK29BSpiyXZs8PSqDhO00vh6txUB4VfkVUD2Bi93rxDeyALnCW7My+l
+YwIDAQAB
+-----END PUBLIC KEY-----");
+$iv = '';
+var_dump(strlen($data));
+var_dump(openssl_seal($data, $sealed_data, $env_keys, $key, 'AES256', $iv));
+?>
+--EXPECTF--
+int(64)
+int(80)
Unnamed repository; edit this file 'description' to name the repository.