From: Felipe Pena <felipe@php.net>
Date: Fri, 12 Nov 2010 23:34:03 +0000 (+0000)
Subject: - Fixed bug #53136 (Invalid read on openssl_csr_new())
X-Git-Tag: php-5.3.4RC1~42
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c095bec2505194b018858f78b1152313f7b23980;p=php

- Fixed bug #53136 (Invalid read on openssl_csr_new())
---

diff --git a/NEWS b/NEWS
index 9a380614ce..a16929ba1b 100644
--- a/NEWS
+++ b/NEWS
@@ -81,6 +81,7 @@
 - Fixed bug #53144 (Segfault in SplObjectStorage::removeAll()). (Felipe)
 - Fixed bug #53141 (autoload misbehaves if called from closing session).
   (ladislav at marek dot su)
+- Fixed bug #53136 (Invalid read on openssl_csr_new()). (Felipe)
 - Fixed bug #53071 (SPLObjectStorage defeats gc_collect_cycles). (Gustavo)
 - Fixed bug #53006 (stream_get_contents has an unpredictable behavior when the
   underlying stream does not support seeking). (Gustavo)
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index a9806ceae2..0440aa7d16 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -2117,7 +2117,8 @@ static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, z
 		if (attribs) {
 			zend_hash_internal_pointer_reset_ex(HASH_OF(attribs), &hpos);
 			while(zend_hash_get_current_data_ex(HASH_OF(attribs), (void**)&item, &hpos) == SUCCESS) {
-				char * strindex; uint strindexlen;
+				char *strindex = NULL;
+				uint strindexlen;
 				ulong intindex;
 
 				zend_hash_get_current_key_ex(HASH_OF(attribs), &strindex, &strindexlen, &intindex, 0, &hpos);