From: Pierre Joye <pajoye@php.net>
Date: Wed, 2 Jun 2010 15:27:38 +0000 (+0000)
Subject: - fix leak on error in mcrypt_create_iv on windows
X-Git-Tag: php-5.3.3RC1~83
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c453a8fcdaff85ec3f6023cb02136ab59a5d6dae;p=php

- fix leak on error in mcrypt_create_iv on windows
---

diff --git a/NEWS b/NEWS
index 6f44506cde..6da149ee37 100644
--- a/NEWS
+++ b/NEWS
@@ -33,6 +33,7 @@ PHP                                                                        NEWS
 - Fixed very rare memory leak in mysqlnd, when binding thousands of columns.
   (Andrey)
 
+- Fixed memory leak on error in mcrypt_create_iv on Windows. (Pierre)
 - Fixed a possible crash because of recursive GC invocation. (Dmitry)
 - Fixed a possible resource destruction issues in shm_put_var()
   Reported by Stefan Esser (Dmitry)
diff --git a/ext/mcrypt/mcrypt.c b/ext/mcrypt/mcrypt.c
index dca8dfffd5..1e73674169 100644
--- a/ext/mcrypt/mcrypt.c
+++ b/ext/mcrypt/mcrypt.c
@@ -1398,10 +1398,12 @@ PHP_FUNCTION(mcrypt_create_iv)
 			/* It could be done using LoadLibrary but as we rely on 2k+ for 5.3, cleaner to use a clear dependency (Advapi32) and a 
 				standard API call (no f=getAddr..; f();) */
 			if(!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
+				efree(iv);
 				php_error_docref(NULL TSRMLS_CC, E_ERROR, "Cannot open random device");
 				RETURN_FALSE;
 			}
 			if(!CryptGenRandom(hCryptProv, size,  iv_b)) {
+				efree(iv);
 				php_error_docref(NULL TSRMLS_CC, E_ERROR, "Could not gather sufficient random data");
 				RETURN_FALSE;
 			}