- Fixed phpinfo() cutoff of variables at \0. (Ilia)
- Fixed a bug in the filter extension that prevented magic_quotes_gpc from
being applied when RAW filter is used. (Ilia)
+- Fixed bug #38261 (openssl_x509_parse() leaks with invalid cert) (Pierre)
- Fixed bug #38255 (openssl possible leaks while passing keys) (Pierre)
- Fixed bug #38253 (PDO produces segfault with default fetch mode). (Tony)
- Fixed bug #38236 (Binary data gets corrupted on multipart/formdata POST).
return NULL;
}
+
+ if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_OBJECT)) {
+ return NULL;
+ }
+
/* force it to be a string and check if it refers to a file */
convert_to_string_ex(val);
--- /dev/null
+--TEST--
+openssl key from zval leaks
+--SKIPIF--
+<?php
+if (!extension_loaded("openssl")) die("skip");
+?>
+--FILE--
+<?php
+$cert = false;
+class test {
+ function __toString() {
+ return "test object";
+ }
+}
+$t = new test;
+
+var_dump(openssl_x509_parse("foo"));
+var_dump(openssl_x509_parse($t));
+var_dump(openssl_x509_parse(array()));
+var_dump(openssl_x509_parse());
+var_dump(openssl_x509_parse($cert));
+var_dump(openssl_x509_parse(new stdClass));
+
+?>
+--EXPECTF--
+bool(false)
+bool(false)
+bool(false)
+
+Warning: openssl_x509_parse() expects at least 1 parameter, 0 given in %s/bug38261.php on line %d
+NULL
+bool(false)
+
+Catchable fatal error: Object of class stdClass could not be converted to string in %s/bug38261.php on line %d
projects / php / commitdiff