pajoye Wed, 02 Jun 2010 15:27:38 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=300095
Log: - fix leak on error in mcrypt_create_iv on windows Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/mcrypt/mcrypt.c U php/php-src/trunk/ext/mcrypt/mcrypt.c Modified: php/php-src/branches/PHP_5_3/NEWS =================================================================== --- php/php-src/branches/PHP_5_3/NEWS 2010-06-02 15:16:41 UTC (rev 300094) +++ php/php-src/branches/PHP_5_3/NEWS 2010-06-02 15:27:38 UTC (rev 300095) @@ -33,6 +33,7 @@ - Fixed very rare memory leak in mysqlnd, when binding thousands of columns. (Andrey) +- Fixed memory leak on error in mcrypt_create_iv on Windows. (Pierre) - Fixed a possible crash because of recursive GC invocation. (Dmitry) - Fixed a possible resource destruction issues in shm_put_var() Reported by Stefan Esser (Dmitry) Modified: php/php-src/branches/PHP_5_3/ext/mcrypt/mcrypt.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/mcrypt/mcrypt.c 2010-06-02 15:16:41 UTC (rev 300094) +++ php/php-src/branches/PHP_5_3/ext/mcrypt/mcrypt.c 2010-06-02 15:27:38 UTC (rev 300095) @@ -1398,10 +1398,12 @@ /* It could be done using LoadLibrary but as we rely on 2k+ for 5.3, cleaner to use a clear dependency (Advapi32) and a standard API call (no f=getAddr..; f();) */ if(!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { + efree(iv); php_error_docref(NULL TSRMLS_CC, E_ERROR, "Cannot open random device"); RETURN_FALSE; } if(!CryptGenRandom(hCryptProv, size, iv_b)) { + efree(iv); php_error_docref(NULL TSRMLS_CC, E_ERROR, "Could not gather sufficient random data"); RETURN_FALSE; } Modified: php/php-src/trunk/ext/mcrypt/mcrypt.c =================================================================== --- php/php-src/trunk/ext/mcrypt/mcrypt.c 2010-06-02 15:16:41 UTC (rev 300094) +++ php/php-src/trunk/ext/mcrypt/mcrypt.c 2010-06-02 15:27:38 UTC (rev 300095) @@ -1398,10 +1398,12 @@ /* It could be done using LoadLibrary but as we rely on 2k+ for 5.3, cleaner to use a clear dependency (Advapi32) and a standard API call (no f=getAddr..; f();) */ if(!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { + efree(iv); php_error_docref(NULL TSRMLS_CC, E_ERROR, "Cannot open random device"); RETURN_FALSE; } if(!CryptGenRandom(hCryptProv, size, iv_b)) { + efree(iv); php_error_docref(NULL TSRMLS_CC, E_ERROR, "Could not gather sufficient random data"); RETURN_FALSE; }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php