hi,

do you have a test case for this crash?

Cheers,

On Sun, Dec 18, 2011 at 6:14 AM, Scott MacVicar <scott...@php.net> wrote:
> scottmac                                 Sun, 18 Dec 2011 05:14:32 +0000
>
> Revision: http://svn.php.net/viewvc?view=revision&revision=321094
>
> Log:
> Fix segfault in older versions of OpenSSL (before 0.9.8i)
>
> Changed paths:
>    U   php/php-src/branches/PHP_5_3/NEWS
>    U   php/php-src/branches/PHP_5_3/ext/openssl/openssl.c
>    U   php/php-src/branches/PHP_5_4/NEWS
>    U   php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
>    U   php/php-src/trunk/ext/openssl/openssl.c
>
> Modified: php/php-src/branches/PHP_5_3/NEWS
> ===================================================================
> --- php/php-src/branches/PHP_5_3/NEWS   2011-12-18 01:04:35 UTC (rev 321093)
> +++ php/php-src/branches/PHP_5_3/NEWS   2011-12-18 05:14:32 UTC (rev 321094)
> @@ -6,6 +6,9 @@
>   . Added max_input_vars directive to prevent attacks based on hash collisions
>     (Dmitry).
>
> +- OpenSSL:
> +  . Fix segfault with older versions of OpenSSL. (Scott)
> +
>  - Streams:
>   . Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected 
> together
>     with the last read). (Gustavo)
>
> Modified: php/php-src/branches/PHP_5_3/ext/openssl/openssl.c
> ===================================================================
> --- php/php-src/branches/PHP_5_3/ext/openssl/openssl.c  2011-12-18 01:04:35 
> UTC (rev 321093)
> +++ php/php-src/branches/PHP_5_3/ext/openssl/openssl.c  2011-12-18 05:14:32 
> UTC (rev 321094)
> @@ -4713,7 +4713,9 @@
>                EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
>        }
>        EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
> -       EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, 
> data_len);
> +       if (data_len > 0) {
> +               EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char 
> *)data, data_len);
> +       }
>        outlen = i;
>        if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
>                outlen += i;
>
> Modified: php/php-src/branches/PHP_5_4/NEWS
> ===================================================================
> --- php/php-src/branches/PHP_5_4/NEWS   2011-12-18 01:04:35 UTC (rev 321093)
> +++ php/php-src/branches/PHP_5_4/NEWS   2011-12-18 05:14:32 UTC (rev 321094)
> @@ -5,11 +5,16 @@
>   . Added max_input_vars directive to prevent attacks based on hash collisions
>     (Dmitry).
>   . Fixed bug #60536 (Traits Segfault). (Laruence)
> +
>  - CLI SAPI:
>   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
>     one 200 RQ and one 404). (Laruence)
>   . Fixed bug #60523 (PHP Errors are not reported in browsers using built-in
>     SAPI). (Laruence, Derick)
> +
> +- OpenSSL:
> +  . Fix segfault with older versions of OpenSSL. (Scott)
> +
>  - Pdo Firebird:
>   . Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO 
> Firebird).
>     (Mariuz)
>
> Modified: php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
> ===================================================================
> --- php/php-src/branches/PHP_5_4/ext/openssl/openssl.c  2011-12-18 01:04:35 
> UTC (rev 321093)
> +++ php/php-src/branches/PHP_5_4/ext/openssl/openssl.c  2011-12-18 05:14:32 
> UTC (rev 321094)
> @@ -4740,7 +4740,9 @@
>        if (options & OPENSSL_ZERO_PADDING) {
>                EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
>        }
> -       EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, 
> data_len);
> +       if (data_len > 0) {
> +               EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char 
> *)data, data_len);
> +       }
>        outlen = i;
>        if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
>                outlen += i;
>
> Modified: php/php-src/trunk/ext/openssl/openssl.c
> ===================================================================
> --- php/php-src/trunk/ext/openssl/openssl.c     2011-12-18 01:04:35 UTC (rev 
> 321093)
> +++ php/php-src/trunk/ext/openssl/openssl.c     2011-12-18 05:14:32 UTC (rev 
> 321094)
> @@ -4736,7 +4736,9 @@
>        if (options & OPENSSL_ZERO_PADDING) {
>                EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
>        }
> -       EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, 
> data_len);
> +       if (data_len > 0) {
> +               EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char 
> *)data, data_len);
> +       }
>        outlen = i;
>        if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
>                outlen += i;
>
>
> --
> PHP CVS Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php



-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to