[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/ext/mcrypt/mcrypt.c trunk/ext/mcrypt/mcrypt.c

Wed, 02 Jun 2010 08:27:53 -0700 

pajoye                                   Wed, 02 Jun 2010 15:27:38 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=300095

Log:
- fix leak on error in mcrypt_create_iv on windows

Changed paths:
    U   php/php-src/branches/PHP_5_3/NEWS
    U   php/php-src/branches/PHP_5_3/ext/mcrypt/mcrypt.c
    U   php/php-src/trunk/ext/mcrypt/mcrypt.c

Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS   2010-06-02 15:16:41 UTC (rev 300094)
+++ php/php-src/branches/PHP_5_3/NEWS   2010-06-02 15:27:38 UTC (rev 300095)
@@ -33,6 +33,7 @@
 - Fixed very rare memory leak in mysqlnd, when binding thousands of columns.
   (Andrey)

+- Fixed memory leak on error in mcrypt_create_iv on Windows. (Pierre)
 - Fixed a possible crash because of recursive GC invocation. (Dmitry)
 - Fixed a possible resource destruction issues in shm_put_var()
   Reported by Stefan Esser (Dmitry)

Modified: php/php-src/branches/PHP_5_3/ext/mcrypt/mcrypt.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/mcrypt/mcrypt.c    2010-06-02 15:16:41 UTC 
(rev 300094)
+++ php/php-src/branches/PHP_5_3/ext/mcrypt/mcrypt.c    2010-06-02 15:27:38 UTC 
(rev 300095)
@@ -1398,10 +1398,12 @@
                        /* It could be done using LoadLibrary but as we rely on 
2k+ for 5.3, cleaner to use a clear dependency (Advapi32) and a
                                standard API call (no f=getAddr..; f();) */
                        if(!CryptAcquireContext(&hCryptProv, NULL, NULL, 
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
+                               efree(iv);
                                php_error_docref(NULL TSRMLS_CC, E_ERROR, 
"Cannot open random device");
                                RETURN_FALSE;
                        }
                        if(!CryptGenRandom(hCryptProv, size,  iv_b)) {
+                               efree(iv);
                                php_error_docref(NULL TSRMLS_CC, E_ERROR, 
"Could not gather sufficient random data");
                                RETURN_FALSE;
                        }

Modified: php/php-src/trunk/ext/mcrypt/mcrypt.c
===================================================================
--- php/php-src/trunk/ext/mcrypt/mcrypt.c       2010-06-02 15:16:41 UTC (rev 
300094)
+++ php/php-src/trunk/ext/mcrypt/mcrypt.c       2010-06-02 15:27:38 UTC (rev 
300095)
@@ -1398,10 +1398,12 @@
                        /* It could be done using LoadLibrary but as we rely on 
2k+ for 5.3, cleaner to use a clear dependency (Advapi32) and a
                                standard API call (no f=getAddr..; f();) */
                        if(!CryptAcquireContext(&hCryptProv, NULL, NULL, 
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
+                               efree(iv);
                                php_error_docref(NULL TSRMLS_CC, E_ERROR, 
"Cannot open random device");
                                RETURN_FALSE;
                        }
                        if(!CryptGenRandom(hCryptProv, size,  iv_b)) {
+                               efree(iv);
                                php_error_docref(NULL TSRMLS_CC, E_ERROR, 
"Could not gather sufficient random data");
                                RETURN_FALSE;
                        }


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to