From: Mateusz Kocielski <shm@php.net>
Date: Sat, 12 Nov 2011 10:36:55 +0000 (+0000)
Subject: - Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
X-Git-Tag: php-5.4.0RC2~92
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a9482367f8e798d43f73aaaf13acf9fe5235ae53;p=php

- Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
  ssl_handle of session_stream is not initialized.
---

diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
index e4b101ef6a..73ee0f3ec5 100644
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -406,6 +406,8 @@ static inline int php_openssl_setup_crypto(php_stream *stream,
 	if (cparam->inputs.session) {
 		if (cparam->inputs.session->ops != &php_openssl_socket_ops) {
 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied session stream must be an SSL enabled stream");
+ 		} else if (((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle == NULL) {
+ 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied SSL session stream is not initialized");
 		} else {
 			SSL_copy_session_id(sslsock->ssl_handle, ((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle);
 		}