Commit: 521a5c956800115f0be008e0581878e4303a5118 Author: Tjerk Meesters <tj...@muvee.com> Sat, 21 Sep 2013 18:24:00 +0800 Parents: a97aec16c0320c5737b43ad1c3caf01ea1485874 Branches: master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=521a5c956800115f0be008e0581878e4303a5118 Log: don't leak cert on errors, return null on zpp failure Changed paths: M ext/openssl/openssl.c M ext/openssl/tests/openssl_x509_digest.phpt Diff: diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index e6040d5..9685dac 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -1685,8 +1685,6 @@ PHP_FUNCTION(openssl_x509_digest) unsigned char md[EVP_MAX_MD_SIZE]; unsigned int n; - RETVAL_FALSE; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Z|sb", &zcert, &method, &method_len, &raw_output) == FAILURE) { return; } @@ -1694,28 +1692,26 @@ PHP_FUNCTION(openssl_x509_digest) cert = php_openssl_x509_from_zval(zcert, 0, &certresource TSRMLS_CC); if (cert == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot get cert from parameter 1"); - return; + RETURN_FALSE; } mdtype = EVP_get_digestbyname(method); if (!mdtype) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm"); - return; - } - - if (!X509_digest(cert, mdtype, md, &n)) { - php_error_docref(NULL TSRMLS_CC, E_ERROR, "out of memory"); - return; - } - - if (raw_output) { - RETVAL_STRINGL(md, n, 1); + RETVAL_FALSE; + } else if (!X509_digest(cert, mdtype, md, &n)) { + php_error_docref(NULL TSRMLS_CC, E_ERROR, "Out of memory"); + RETVAL_FALSE; } else { - int digest_str_len = n * 2; - char *digest_str = emalloc(digest_str_len + 1); + if (raw_output) { + RETVAL_STRINGL(md, n, 1); + } else { + int digest_str_len = n * 2; + char *digest_str = emalloc(digest_str_len + 1); - make_digest_ex(digest_str, md, n); - RETVAL_STRINGL(digest_str, digest_str_len, 0); + make_digest_ex(digest_str, md, n); + RETVAL_STRINGL(digest_str, digest_str_len, 0); + } } if (certresource == -1 && cert) { diff --git a/ext/openssl/tests/openssl_x509_digest.phpt b/ext/openssl/tests/openssl_x509_digest.phpt index 98ec009..fde4280 100644 --- a/ext/openssl/tests/openssl_x509_digest.phpt +++ b/ext/openssl/tests/openssl_x509_digest.phpt @@ -9,8 +9,12 @@ if (!extension_loaded("openssl")) die("skip"); $cert = "file://" . dirname(__FILE__) . "/cert.crt"; +echo "** Testing with no parameters **\n"; +var_dump(openssl_x509_digest()); + echo "** Testing default functionality **\n"; var_dump(openssl_x509_digest($cert)); + echo "** Testing hash method md5 **\n"; var_dump(openssl_x509_digest($cert, 'md5')); @@ -22,6 +26,10 @@ var_dump(openssl_x509_digest('123')); echo "** Testing bad hash method **\n"; var_dump(openssl_x509_digest($cert, 'xx45')); --EXPECTF-- +** Testing with no parameters ** + +Warning: openssl_x509_digest() expects at least 1 parameter, 0 given in %s on line %d +NULL ** Testing default functionality ** string(40) "6e6fd1ea10a5a23071d61c728ee9b40df6dbc33c" ** Testing hash method md5 ** -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php