From: Pierre Joye <pajoye@php.net>
Date: Fri, 27 Jan 2012 10:56:33 +0000 (+0000)
Subject: - fix #60895, possible invalid handler usage
X-Git-Tag: php-5.4.0RC7~24
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d54710ae2f30d15c7f272c8311c4267b458d0df5;p=php

- fix #60895, possible invalid handler usage
---

diff --git a/NEWS b/NEWS
index 3eda168206..73a3e2a912 100644
--- a/NEWS
+++ b/NEWS
@@ -1,8 +1,13 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? Jan 2012, PHP 5.4.0 RC 7
-- Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
-  CVE-2011-3389. (Scott)
+- Core:
+  . Fix bug #60895 (Possible invalid handler usage in windows random
+    functions). (Pierre)
+
+- OpenSSL:
+  . Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
+    CVE-2011-3389. (Scott)
 
 19 Jan 2012, PHP 5.4.0 RC6
 
diff --git a/win32/winutil.c b/win32/winutil.c
index 1e8bf0bedb..d9609f7987 100644
--- a/win32/winutil.c
+++ b/win32/winutil.c
@@ -62,8 +62,10 @@ void php_win32_init_rng_lock()
 void php_win32_free_rng_lock()
 {
 	tsrm_mutex_lock(php_lock_win32_cryptoctx);
-	CryptReleaseContext(hCryptProv, 0);
-	has_crypto_ctx = 0;
+	if (has_crypto_ctx == 1) {
+		CryptReleaseContext(hCryptProv, 0);
+		has_crypto_ctx = 0;
+	}
 	tsrm_mutex_unlock(php_lock_win32_cryptoctx);
 	tsrm_mutex_free(php_lock_win32_cryptoctx);