openssl.c

Scott MacVicar Sun, 18 Dec 2011 12:03:53 -0800

It's not worth adding a test for, it's never going to re-occur and it only 
affects 4 year old versions of OpenSSL. Basically RHEL 5 is the only thing with 
a problem.


I wrote one but don't want to add a somewhat useless test. Attached, but the 
extra second to test running isn't worth it.

- Scott


On 18 Dec 2011, at 03:49, Pierre Joye wrote:

> hi,
> 
> do you have a test case for this crash?
> 
> Cheers,
> 
> On Sun, Dec 18, 2011 at 6:14 AM, Scott MacVicar <scott...@php.net> wrote:
>> scottmac                                 Sun, 18 Dec 2011 05:14:32 +0000
>> 
>> Revision: http://svn.php.net/viewvc?view=revision&revision=321094
>> 
>> Log:
>> Fix segfault in older versions of OpenSSL (before 0.9.8i)
>> 
>> Changed paths:
>>    U   php/php-src/branches/PHP_5_3/NEWS
>>    U   php/php-src/branches/PHP_5_3/ext/openssl/openssl.c
>>    U   php/php-src/branches/PHP_5_4/NEWS
>>    U   php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
>>    U   php/php-src/trunk/ext/openssl/openssl.c
>> 
>> Modified: php/php-src/branches/PHP_5_3/NEWS
>> ===================================================================
>> --- php/php-src/branches/PHP_5_3/NEWS   2011-12-18 01:04:35 UTC (rev 321093)
>> +++ php/php-src/branches/PHP_5_3/NEWS   2011-12-18 05:14:32 UTC (rev 321094)
>> @@ -6,6 +6,9 @@
>>   . Added max_input_vars directive to prevent attacks based on hash 
>> collisions
>>     (Dmitry).
>> 
>> +- OpenSSL:
>> +  . Fix segfault with older versions of OpenSSL. (Scott)
>> +
>>  - Streams:
>>   . Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected 
>> together
>>     with the last read). (Gustavo)
>> 
>> Modified: php/php-src/branches/PHP_5_3/ext/openssl/openssl.c
>> ===================================================================
>> --- php/php-src/branches/PHP_5_3/ext/openssl/openssl.c  2011-12-18 01:04:35 
>> UTC (rev 321093)
>> +++ php/php-src/branches/PHP_5_3/ext/openssl/openssl.c  2011-12-18 05:14:32 
>> UTC (rev 321094)
>> @@ -4713,7 +4713,9 @@
>>                EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
>>        }
>>        EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
>> -       EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, 
>> data_len);
>> +       if (data_len > 0) {
>> +               EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char 
>> *)data, data_len);
>> +       }
>>        outlen = i;
>>        if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
>>                outlen += i;
>> 
>> Modified: php/php-src/branches/PHP_5_4/NEWS
>> ===================================================================
>> --- php/php-src/branches/PHP_5_4/NEWS   2011-12-18 01:04:35 UTC (rev 321093)
>> +++ php/php-src/branches/PHP_5_4/NEWS   2011-12-18 05:14:32 UTC (rev 321094)
>> @@ -5,11 +5,16 @@
>>   . Added max_input_vars directive to prevent attacks based on hash 
>> collisions
>>     (Dmitry).
>>   . Fixed bug #60536 (Traits Segfault). (Laruence)
>> +
>>  - CLI SAPI:
>>   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
>>     one 200 RQ and one 404). (Laruence)
>>   . Fixed bug #60523 (PHP Errors are not reported in browsers using built-in
>>     SAPI). (Laruence, Derick)
>> +
>> +- OpenSSL:
>> +  . Fix segfault with older versions of OpenSSL. (Scott)
>> +
>>  - Pdo Firebird:
>>   . Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO 
>> Firebird).
>>     (Mariuz)
>> 
>> Modified: php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
>> ===================================================================
>> --- php/php-src/branches/PHP_5_4/ext/openssl/openssl.c  2011-12-18 01:04:35 
>> UTC (rev 321093)
>> +++ php/php-src/branches/PHP_5_4/ext/openssl/openssl.c  2011-12-18 05:14:32 
>> UTC (rev 321094)
>> @@ -4740,7 +4740,9 @@
>>        if (options & OPENSSL_ZERO_PADDING) {
>>                EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
>>        }
>> -       EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, 
>> data_len);
>> +       if (data_len > 0) {
>> +               EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char 
>> *)data, data_len);
>> +       }
>>        outlen = i;
>>        if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
>>                outlen += i;
>> 
>> Modified: php/php-src/trunk/ext/openssl/openssl.c
>> ===================================================================
>> --- php/php-src/trunk/ext/openssl/openssl.c     2011-12-18 01:04:35 UTC (rev 
>> 321093)
>> +++ php/php-src/trunk/ext/openssl/openssl.c     2011-12-18 05:14:32 UTC (rev 
>> 321094)
>> @@ -4736,7 +4736,9 @@
>>        if (options & OPENSSL_ZERO_PADDING) {
>>                EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
>>        }
>> -       EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, 
>> data_len);
>> +       if (data_len > 0) {
>> +               EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char 
>> *)data, data_len);
>> +       }
>>        outlen = i;
>>        if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
>>                outlen += i;
>> 
>> 
>> --
>> PHP CVS Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 
> 
> -- 
> Pierre
> 
> @pierrejoye | http://blog.thepimp.net | http://www.libgd.org

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/ext/openssl/openssl.c branches/PHP_5_4/NEWS branches/PHP_5_4/ext/openssl/openssl.c trunk/ext/openssl/openssl.c

Reply via email to