iliaa Sun May 13 17:37:33 2007 UTC Added files: (Branch: PHP_5_2) /php-src/ext/openssl/tests bug41353.phpt
Modified files: /php-src NEWS /php-src/ext/openssl openssl.c Log: Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input). http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.698&r2=1.2027.2.547.2.699&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.698 php-src/NEWS:1.2027.2.547.2.699 --- php-src/NEWS:1.2027.2.547.2.698 Fri May 11 12:22:00 2007 +++ php-src/NEWS Sun May 13 17:37:32 2007 @@ -8,6 +8,7 @@ - Fixed altering $this via argument named "this". (Dmitry) - Fixed PHP CLI to use the php.ini from the binary location. (Hannes) - Fixed segfault in strripos(). (Tony, Joxean Koret) +- Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input). (Ilia) - Fixed bug #41351 (Invalid opcode with foreach ($a[] as $b)). (Dmitry, Tony) - Fixed bug #41347 (checkdnsrr() segfaults on empty hostname). (Scott) - Fixed bug #41337 (WSDL parsing doesn't ignore non soap bindings). (Dmitry) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.32&r2=1.98.2.5.2.33&diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.32 php-src/ext/openssl/openssl.c:1.98.2.5.2.33 --- php-src/ext/openssl/openssl.c:1.98.2.5.2.32 Thu Apr 5 18:08:42 2007 +++ php-src/ext/openssl/openssl.c Sun May 13 17:37:32 2007 @@ -20,7 +20,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: openssl.c,v 1.98.2.5.2.32 2007/04/05 18:08:42 rrichards Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.33 2007/05/13 17:37:32 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -1541,13 +1541,13 @@ } /* }}} */ -/* {{{ proto bool openssl_pkcs12_read(mixed PKCS12, array &certs, string pass) +/* {{{ proto bool openssl_pkcs12_read(string PKCS12, array &certs, string pass) Parses a PKCS12 to an array */ PHP_FUNCTION(openssl_pkcs12_read) { - zval *zp12 = NULL, *zout = NULL, *zextracerts, *zcert, *zpkey; - char * pass; - int pass_len; + zval *zout = NULL, *zextracerts, *zcert, *zpkey; + char *pass, *zp12; + int pass_len, zp12_len; PKCS12 * p12 = NULL; EVP_PKEY * pkey = NULL; X509 * cert = NULL; @@ -1555,14 +1555,14 @@ BIO * bio_in = NULL; int i; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zzs", &zp12, &zout, &pass, &pass_len) == FAILURE) + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szs", &zp12, &zp12_len, &zout, &pass, &pass_len) == FAILURE) return; RETVAL_FALSE; bio_in = BIO_new(BIO_s_mem()); - if(!BIO_write(bio_in, Z_STRVAL_P(zp12), Z_STRLEN_P(zp12))) + if(!BIO_write(bio_in, zp12, zp12_len)) goto cleanup; if(d2i_PKCS12_bio(bio_in, &p12)) { http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug41353.phpt?view=markup&rev=1.1 Index: php-src/ext/openssl/tests/bug41353.phpt +++ php-src/ext/openssl/tests/bug41353.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php