scottmac Wed, 07 Dec 2011 20:50:33 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=320612
Log: Make sure that we set the strong crypto result to false as well as returning false. Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/ext/openssl/openssl.c U php/php-src/trunk/ext/openssl/openssl.c Modified: php/php-src/branches/PHP_5_4/NEWS =================================================================== --- php/php-src/branches/PHP_5_4/NEWS 2011-12-07 20:36:39 UTC (rev 320611) +++ php/php-src/branches/PHP_5_4/NEWS 2011-12-07 20:50:33 UTC (rev 320612) @@ -18,6 +18,10 @@ - Intl: . Added support for UTS #46. (Gustavo) + +- OpenSSL: + . On error in openssl_random_pseudo_bytes() make sure we set strong result + to false. (Scott) - Reflection: . Fixed bug #60367 (Reflection and Late Static Binding). (Laruence) Modified: php/php-src/branches/PHP_5_4/ext/openssl/openssl.c =================================================================== --- php/php-src/branches/PHP_5_4/ext/openssl/openssl.c 2011-12-07 20:36:39 UTC (rev 320611) +++ php/php-src/branches/PHP_5_4/ext/openssl/openssl.c 2011-12-07 20:50:33 UTC (rev 320612) @@ -4941,13 +4941,19 @@ #ifdef PHP_WIN32 strong_result = 1; /* random/urandom equivalent on Windows */ - if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == FAILURE){ + if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == FAILURE) { efree(buffer); + if (zstrong_result_returned) { + ZVAL_BOOL(zstrong_result_returned, 0); + } RETURN_FALSE; } #else if ((strong_result = RAND_pseudo_bytes(buffer, buffer_length)) < 0) { efree(buffer); + if (zstrong_result_returned) { + ZVAL_BOOL(zstrong_result_returned, 0); + } RETURN_FALSE; } #endif Modified: php/php-src/trunk/ext/openssl/openssl.c =================================================================== --- php/php-src/trunk/ext/openssl/openssl.c 2011-12-07 20:36:39 UTC (rev 320611) +++ php/php-src/trunk/ext/openssl/openssl.c 2011-12-07 20:50:33 UTC (rev 320612) @@ -4939,11 +4939,17 @@ /* random/urandom equivalent on Windows */ if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == FAILURE){ efree(buffer); + if (zstrong_result_returned) { + ZVAL_BOOL(zstrong_result_returned, 0); + } RETURN_FALSE; } #else if ((strong_result = RAND_pseudo_bytes(buffer, buffer_length)) < 0) { efree(buffer); + if (zstrong_result_returned) { + ZVAL_BOOL(zstrong_result_returned, 0); + } RETURN_FALSE; } #endif
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php