From: Ilia Alshanetsky <iliaa@php.net>
Date: Sun, 21 Dec 2003 18:17:20 +0000 (+0000)
Subject: Fixed uninitialized usage of mdtype when unknown signature algorithm is
X-Git-Tag: php-5.0.0b3~4
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=cba426ca138d051ccee81750ac0b6344fceb8fcb;p=php

Fixed uninitialized usage of mdtype when unknown signature algorithm is
found.
---

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 2e37f75741..0b640315ea 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -2838,9 +2838,6 @@ PHP_FUNCTION(openssl_sign)
 		RETURN_FALSE;
 	}
 
-	siglen = EVP_PKEY_size(pkey);
-	sigbuf = emalloc(siglen + 1);
-
 	switch (signature_algo) {
 		case OPENSSL_ALGO_SHA1:
 			mdtype = (EVP_MD *) EVP_sha1();
@@ -2854,8 +2851,15 @@ PHP_FUNCTION(openssl_sign)
 		case OPENSSL_ALGO_MD2:
 			mdtype = (EVP_MD *) EVP_md2();
 			break;
+		default:
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm.");
+			RETURN_FALSE;
+			break;
 	}
-	
+
+	siglen = EVP_PKEY_size(pkey);
+	sigbuf = emalloc(siglen + 1);
+
 	EVP_SignInit(&md_ctx, mdtype);
 	EVP_SignUpdate(&md_ctx, data, data_len);
 	if (EVP_SignFinal (&md_ctx, sigbuf, &siglen, pkey)) {