Check and use correct signature_len type for EVP_VerifyFinal
authorJakub Zelenka <bukka@php.net>
Mon, 17 Aug 2015 17:43:02 +0000 (18:43 +0100)
committerJakub Zelenka <bukka@php.net>
Mon, 17 Aug 2015 17:43:02 +0000 (18:43 +0100)
ext/openssl/openssl.c

index b09f17481fad5a7eaa4385a46c8e7fccaa7e2de0..1608e5d5afd054da45ee8428340b142f5e2212fa 100644 (file)
@@ -4822,6 +4822,10 @@ PHP_FUNCTION(openssl_verify)
                return;
        }
 
+       if (UINT_MAX < signature_len) {
+               php_error_docref(NULL, E_WARNING, "signature is too long");
+               RETURN_FALSE;
+       }
        if (method == NULL || Z_TYPE_P(method) == IS_LONG) {
                if (method != NULL) {
                        signature_algo = Z_LVAL_P(method);
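Review bot: The new `UINT_MAX < signature_len` guard has no comment linking it to the `(unsigned int)signature_len` cast in the later hunk, so a future refactor could drop it as dead-looking code. I would add `/* EVP_VerifyFinal() takes the signature length as unsigned int; reject anything the cast below would truncate */` above the check. I would also leave a blank line before the following `if (method == NULL ...` block. If signature_len is a size_t (its declaration is outside the hunk), the comparison is always false on targets where size_t and unsigned int have the same width and may draw a tautological-comparison warning there. The body of openssl_verify starts and ends outside this hunk.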
@@ -4846,7 +4850,7 @@ PHP_FUNCTION(openssl_verify)
 
        EVP_VerifyInit   (&md_ctx, mdtype);
        EVP_VerifyUpdate (&md_ctx, data, data_len);
-       err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, (int)signature_len, pkey);
+       err = EVP_VerifyFinal(&md_ctx, (unsigned char *)signature, (unsigned int)signature_len, pkey);
        EVP_MD_CTX_cleanup(&md_ctx);
 
        if (keyresource == NULL) {
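Review bot: The results of `EVP_VerifyInit` and `EVP_VerifyUpdate` on the two lines above the changed call are still discarded, so `err` only reflects `EVP_VerifyFinal`. If digest setup or the update fails, the final call runs on a context in an unknown state. Consider short-circuiting, e.g. `if (!EVP_VerifyInit(&md_ctx, mdtype) || !EVP_VerifyUpdate(&md_ctx, data, data_len)) err = -1;`, with the `EVP_VerifyFinal` call in the `else` branch, so a setup failure is reported as an error rather than as a verification result. How `err` is turned into the PHP return value is outside this hunk. It should keep distinguishing 1 (valid), 0 (invalid) and -1 (error).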