From d3538f427a6debc8bfdb8a7a760d26d4a079a8fa Mon Sep 17 00:00:00 2001
From: Henrique do Nascimento Angelo <hnangelo@php.net>
Date: Tue, 15 Jul 2008 02:59:56 +0000
Subject: [PATCH] Fix uninitilized variables in openssl_pkcs7_encrypt() and
 openssl_pkcs7_sign()

---
 ext/openssl/openssl.c         |  2 ++
 ext/openssl/tests/023.phpt    | 64 ++++++++++++++++++++++++++++++++++
 ext/openssl/tests/025.phpt    | 65 +++++++++++++++++++++++++++++++++++
 ext/openssl/tests/cert.crt    | 21 +++++++++++
 ext/openssl/tests/private.key | 15 ++++++++
 5 files changed, 167 insertions(+)
 create mode 100644 ext/openssl/tests/023.phpt
 create mode 100644 ext/openssl/tests/025.phpt
 create mode 100644 ext/openssl/tests/cert.crt
 create mode 100644 ext/openssl/tests/private.key

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 749be4fdc3..1f0b5142bb 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -3475,6 +3475,7 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
 	if (zheaders) {
 		zend_hash_internal_pointer_reset_ex(HASH_OF(zheaders), &hpos);
 		while(zend_hash_get_current_data_ex(HASH_OF(zheaders), (void**)&zcertval, &hpos) == SUCCESS) {
+			strindex = NULL;
 			zend_hash_get_current_key_ex(HASH_OF(zheaders), &strindex, &strindexlen, &intindex, 0, &hpos);
 
 			convert_to_string_ex(zcertval);
@@ -3584,6 +3585,7 @@ PHP_FUNCTION(openssl_pkcs7_sign)
 	if (zheaders) {
 		zend_hash_internal_pointer_reset_ex(HASH_OF(zheaders), &hpos);
 		while(zend_hash_get_current_data_ex(HASH_OF(zheaders), (void**)&hval, &hpos) == SUCCESS) {
+			strindex = NULL;
 			zend_hash_get_current_key_ex(HASH_OF(zheaders), &strindex, &strindexlen, &intindex, 0, &hpos);
 
 			convert_to_string_ex(hval);
diff --git a/ext/openssl/tests/023.phpt b/ext/openssl/tests/023.phpt
new file mode 100644
index 0000000000..1489613327
--- /dev/null
+++ b/ext/openssl/tests/023.phpt
@@ -0,0 +1,64 @@
+--TEST--
+openssl_pkcs7_encrypt() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$infile = dirname(__FILE__) . "/cert.crt";
+$outfile = tempnam("/tmp", "ssl");
+if ($outfile === false)
+	die("failed to get a temporary filename!");
+$outfile2 = tempnam("/tmp", "ssl");
+if ($outfile2 === false)
+	die("failed to get a temporary filename!");
+
+$single_cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$multi_certs = array($single_cert, $single_cert);
+$assoc_headers = array("To" => "test@test", "Subject" => "testing openssl_pkcs7_encrypt()");
+$headers = array("test@test", "testing openssl_pkcs7_encrypt()");
+$empty_headers = array();
+$wrong = "wrong";
+$empty = "";
+
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $headers));
+var_dump(openssl_pkcs7_decrypt($outfile, $outfile2, $single_cert, $privkey));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $assoc_headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $empty_headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $wrong));
+var_dump(openssl_pkcs7_encrypt($wrong, $outfile, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($empty, $outfile, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $empty, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $wrong, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $empty, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $empty));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $multi_certs, $headers));
+
+if (file_exists($outfile)) {
+	echo "true\n";
+	unlink($outfile);
+}
+if (file_exists($outfile2)) {
+	echo "true\n";
+	unlink($outfile2);
+}
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+
+Warning: openssl_pkcs7_encrypt() expects parameter 4 to be array, string given in %s on line %d
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+
+Warning: openssl_pkcs7_encrypt() expects parameter 4 to be array, string given in %s on line %d
+bool(false)
+bool(true)
+true
+true
diff --git a/ext/openssl/tests/025.phpt b/ext/openssl/tests/025.phpt
new file mode 100644
index 0000000000..ac567a517a
--- /dev/null
+++ b/ext/openssl/tests/025.phpt
@@ -0,0 +1,65 @@
+--TEST--
+openssl_pkcs7_sign() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$infile = dirname(__FILE__) . "/cert.crt";
+$outfile = tempnam("/tmp", "ssl");
+if ($outfile === false)
+	die("failed to get a temporary filename!");
+
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$single_cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$assoc_headers = array("To" => "test@test", "Subject" => "testing openssl_pkcs7_sign()");
+$headers = array("test@test", "testing openssl_pkcs7_sign()");
+$empty_headers = array();
+$wrong = "wrong";
+$empty = "";
+
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $assoc_headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $empty_headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $wrong));
+var_dump(openssl_pkcs7_sign($wrong, $outfile, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($empty, $outfile, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $empty, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $wrong, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $empty, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $empty));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $wrong, $headers));
+
+if (file_exists($outfile)) {
+	echo "true\n";
+	unlink($outfile);
+}
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
+
+Warning: openssl_pkcs7_sign() expects parameter 5 to be array, string given in %s on line %d
+NULL
+
+Warning: openssl_pkcs7_sign(): error opening input file %s in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error opening input file %s in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error opening output file %s in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error getting cert in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign(): error getting cert in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_sign() expects parameter 5 to be array, string given in %s on line %d
+NULL
+
+Warning: openssl_pkcs7_sign(): error getting private key in %s on line %d
+bool(false)
+true
diff --git a/ext/openssl/tests/cert.crt b/ext/openssl/tests/cert.crt
new file mode 100644
index 0000000000..2e7790517b
--- /dev/null
+++ b/ext/openssl/tests/cert.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAtWgAwIBAgIJAK7FVsxyN1CiMA0GCSqGSIb3DQEBBQUAMIGBMQswCQYD
+VQQGEwJCUjEaMBgGA1UECBMRUmlvIEdyYW5kZSBkbyBTdWwxFTATBgNVBAcTDFBv
+cnRvIEFsZWdyZTEeMBwGA1UEAxMVSGVucmlxdWUgZG8gTi4gQW5nZWxvMR8wHQYJ
+KoZIhvcNAQkBFhBobmFuZ2Vsb0BwaHAubmV0MB4XDTA4MDYzMDEwMjg0M1oXDTA4
+MDczMDEwMjg0M1owgYExCzAJBgNVBAYTAkJSMRowGAYDVQQIExFSaW8gR3JhbmRl
+IGRvIFN1bDEVMBMGA1UEBxMMUG9ydG8gQWxlZ3JlMR4wHAYDVQQDExVIZW5yaXF1
+ZSBkbyBOLiBBbmdlbG8xHzAdBgkqhkiG9w0BCQEWEGhuYW5nZWxvQHBocC5uZXQw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMteno+QK1ulX4/WDAVBYfoTPRTz
+e4SZLwgael4jwWTytj+8c5nNllrFELD6WjJzfjaoIMhCF4w4I2bkWR6/PTqrvnv+
+iiiItHfKvJgYqIobUhkiKmWa2wL3mgqvNRIqTrTC4jWZuCkxQ/ksqL9O/F6zk+aR
+S1d+KbPaqCR5Rw+lAgMBAAGjgekwgeYwHQYDVR0OBBYEFNt+QHK9XDWF7CkpgRLo
+Ymhqtz99MIG2BgNVHSMEga4wgauAFNt+QHK9XDWF7CkpgRLoYmhqtz99oYGHpIGE
+MIGBMQswCQYDVQQGEwJCUjEaMBgGA1UECBMRUmlvIEdyYW5kZSBkbyBTdWwxFTAT
+BgNVBAcTDFBvcnRvIEFsZWdyZTEeMBwGA1UEAxMVSGVucmlxdWUgZG8gTi4gQW5n
+ZWxvMR8wHQYJKoZIhvcNAQkBFhBobmFuZ2Vsb0BwaHAubmV0ggkArsVWzHI3UKIw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCP1GUnStC0TBqngr3Kx+zS
+UW8KutKO0ORc5R8aV/x9LlaJrzPyQJgiPpu5hXogLSKRIHxQS3X2+Y0VvIpW72LW
+PVKPhYlNtO3oKnfoJGKin0eEhXRZMjfEW/kznY+ZZmNifV2r8s+KhNAqI4PbClvn
+4vh8xF/9+eVEj+hM+0OflA==
+-----END CERTIFICATE-----
diff --git a/ext/openssl/tests/private.key b/ext/openssl/tests/private.key
new file mode 100644
index 0000000000..bce512e050
--- /dev/null
+++ b/ext/openssl/tests/private.key
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDLXp6PkCtbpV+P1gwFQWH6Ez0U83uEmS8IGnpeI8Fk8rY/vHOZ
+zZZaxRCw+loyc342qCDIQheMOCNm5Fkevz06q757/oooiLR3yryYGKiKG1IZIipl
+mtsC95oKrzUSKk60wuI1mbgpMUP5LKi/Tvxes5PmkUtXfimz2qgkeUcPpQIDAQAB
+AoGBAMcP/dp+fsI9FFYBaVC3mASlUjOwxKWdH3kqGb8N9p4uKRAoEWtp3hNJM7ZX
+x3P8sn0jgrsiXlRFGvn65/T9shp8hj+CdJKg2jKCs7S58v60TLfSvOQSIYsw9Qm9
+Bsx4hKfz+d52ptuJRbv8tDxsYP3D/KjQfpX1OysiP/WBfeg9AkEA+AGT0goqjWOM
+YgFtZGrefIegF31XSCQTaLIml6/2JwF+oBKjJUQFar2Rwn6qUwrsGtSPMM0Iz8ry
+9uvUbs8PPwJBANHsuTVWzLf8TJNGc+xIlhvzKFkF0nJIWx4ozhlMNDQMMF/3FRSo
+zvHIgUnpG9Vwa2GtjTDnD8jHtzTauAZmjBsCQCGDVQ5VAVsJ0LaNqtKe/mGlkiSa
+c2j0Nws2x7BHvuOWeB35ZsJqZrD93OyDYVDHcRBPGOpnSoGJ0zs6swImSNECQHSH
+0BgH4wSPDYMDrP4RHSLOzCr+zF+cQthvFll8r83kpkXfRth9DMOy5fI9cLH/Adzr
+FmF7Iov2MYEpmNYUvtkCQHfW0ntkVY9xS2/VTs57F5tUkfNG2hG74pJM6vSfTNWn
+R/oI5m2sDtRWQ88LCYJMEmIZhN00Ys4xOSoTs+SUakY=
+-----END RSA PRIVATE KEY-----
-- 
2.40.0