Thanks Wez for pointing out.
New patch is available at,
http://puggy.symonds.net/~kameshj/openssl.c.patch.5.0
convert_to_string_ex is needed but not on val but on tmpzp.(Got lost
while manually copying the changes from my NetWare build environment to
Linux).
With regards
Kamesh Jayachandran
On
Hi Wez Jani,
Following snippet causes double free of memory, corrupts the symbol
table.
?php
$pk=false;//As openssl_get_publickey($nonsense) can give false
openssl_public_encrypt(Test,$encrypted,$pk);
$pk=false;
?
The culprit is php_openssl_evp_from_zval which is called by
The patch doesn't look quite right.
- convert_to_string_ex(val);
+ zval tmpz;
+ zval *tmpzp;
+ tmpz = *(*val);
+ zval_copy_ctor(tmpz);
+ tmpz.refcount=1;
+ tmpzp = tmpz;
I think that this is a place where convert_to_string(val) should be
used instead.
-
