iliaa           Sun May 13 17:37:33 2007 UTC

  Added files:                 (Branch: PHP_5_2)
    /php-src/ext/openssl/tests  bug41353.phpt 

  Modified files:              
    /php-src    NEWS 
    /php-src/ext/openssl        openssl.c 
  Log:
  
  Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input).
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.698&r2=1.2027.2.547.2.699&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.698 php-src/NEWS:1.2027.2.547.2.699
--- php-src/NEWS:1.2027.2.547.2.698     Fri May 11 12:22:00 2007
+++ php-src/NEWS        Sun May 13 17:37:32 2007
@@ -8,6 +8,7 @@
 - Fixed altering $this via argument named "this". (Dmitry)
 - Fixed PHP CLI to use the php.ini from the binary location. (Hannes)
 - Fixed segfault in strripos(). (Tony, Joxean Koret)
+- Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input). (Ilia)
 - Fixed bug #41351 (Invalid opcode with foreach ($a[] as $b)). (Dmitry, Tony)
 - Fixed bug #41347 (checkdnsrr() segfaults on empty hostname). (Scott)
 - Fixed bug #41337 (WSDL parsing doesn't ignore non soap bindings). (Dmitry)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5.2.32&r2=1.98.2.5.2.33&diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5.2.32 
php-src/ext/openssl/openssl.c:1.98.2.5.2.33
--- php-src/ext/openssl/openssl.c:1.98.2.5.2.32 Thu Apr  5 18:08:42 2007
+++ php-src/ext/openssl/openssl.c       Sun May 13 17:37:32 2007
@@ -20,7 +20,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: openssl.c,v 1.98.2.5.2.32 2007/04/05 18:08:42 rrichards Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.33 2007/05/13 17:37:32 iliaa Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -1541,13 +1541,13 @@
 }
 /* }}} */
 
-/* {{{ proto bool openssl_pkcs12_read(mixed PKCS12, array &certs, string pass)
+/* {{{ proto bool openssl_pkcs12_read(string PKCS12, array &certs, string pass)
    Parses a PKCS12 to an array */
 PHP_FUNCTION(openssl_pkcs12_read)
 {
-       zval *zp12 = NULL, *zout = NULL, *zextracerts, *zcert, *zpkey;
-       char * pass;
-       int pass_len;
+       zval *zout = NULL, *zextracerts, *zcert, *zpkey;
+       char *pass, *zp12;
+       int pass_len, zp12_len;
        PKCS12 * p12 = NULL;
        EVP_PKEY * pkey = NULL;
        X509 * cert = NULL;
@@ -1555,14 +1555,14 @@
        BIO * bio_in = NULL;
        int i;
 
-       if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zzs", &zp12, 
&zout, &pass, &pass_len) == FAILURE)
+       if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szs", &zp12, 
&zp12_len, &zout, &pass, &pass_len) == FAILURE)
                return;
 
        RETVAL_FALSE;
        
        bio_in = BIO_new(BIO_s_mem());
        
-       if(!BIO_write(bio_in, Z_STRVAL_P(zp12), Z_STRLEN_P(zp12)))
+       if(!BIO_write(bio_in, zp12, zp12_len))
                goto cleanup;
        
        if(d2i_PKCS12_bio(bio_in, &p12)) {

http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug41353.phpt?view=markup&rev=1.1
Index: php-src/ext/openssl/tests/bug41353.phpt
+++ php-src/ext/openssl/tests/bug41353.phpt

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to