Fix bug #72776 (Invalid parameter in memcpy function trough openssl_pbkdf2)

author Jakub Zelenka <bukka@php.net>

Sun, 6 Nov 2016 20:40:51 +0000 (20:40 +0000)

committer Jakub Zelenka <bukka@php.net>

Sun, 6 Nov 2016 20:40:51 +0000 (20:40 +0000)
author Jakub Zelenka <bukka@php.net>
Sun, 6 Nov 2016 20:40:51 +0000 (20:40 +0000)
committer Jakub Zelenka <bukka@php.net>
Sun, 6 Nov 2016 20:40:51 +0000 (20:40 +0000)
diff --git a/NEWS b/NEWS

index c2f35898dd6959394e1fea8e8b149dcb1f44a445..8d5b14e9ac0279970fe452a68cf3e5351602b9dc 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,10 @@ PHP                                                                        NEWS
    . Fixed bug #73402 (Opcache segfault when using class constant to call a
      method). (Laruence)
  
+- OpenSSL
+  . Fixed bug #72776 (Invalid parameter in memcpy function trough
+    openssl_pbkdf2). (Jakub Zelenka)
+
  10 Nov 2016, PHP 5.6.28
  
  - Core:
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c

index 01f2a099a8c276340a1138d630539a34e873dc60..f8641c62fca8733bc99a256890817dbd4c2ba902 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -4059,7 +4059,7 @@ PHP_FUNCTION(openssl_pbkdf2)
                 return;
         }
  
-       if (key_length <= 0) {
+       if (key_length <= 0 || key_length > INT_MAX) {
                 RETURN_FALSE;
         }
author	Jakub Zelenka <bukka@php.net>
	Sun, 6 Nov 2016 20:40:51 +0000 (20:40 +0000)
committer	Jakub Zelenka <bukka@php.net>
	Sun, 6 Nov 2016 20:40:51 +0000 (20:40 +0000)
NEWS		patch \| blob \| history
ext/openssl/openssl.c		patch \| blob \| history