pajoye Fri, 27 Jan 2012 10:56:33 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=322843
Log: - fix #60895, possible invalid handler usage Bug: https://bugs.php.net/60895 (Open) null pointer dereference in php_win32_free_rng_lock() Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/win32/winutil.c U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/win32/winutil.c U php/php-src/trunk/win32/winutil.c Modified: php/php-src/branches/PHP_5_3/NEWS =================================================================== --- php/php-src/branches/PHP_5_3/NEWS 2012-01-27 10:00:18 UTC (rev 322842) +++ php/php-src/branches/PHP_5_3/NEWS 2012-01-27 10:56:33 UTC (rev 322843) @@ -3,23 +3,25 @@ ?? ?? 2012, PHP 5.3.10 - Core: - . Fixed bug #60227 (header() cannot detect the multi-line header with CR). - (rui) - . Fixed bug #60825 (Segfault when running symfony 2 tests). - (Dmitry, Laruence) + . Fixed bug #60227 (header() cannot detect the multi-line header with CR). + (rui) + . Fixed bug #60825 (Segfault when running symfony 2 tests). + (Dmitry, Laruence) + . Fix bug #60895 (Possible invalid handler usage in windows random + functions). (Pierre) - Firebird Database extension (ibase): - . Fixed bug #60802 (ibase_trans() gives segfault when passing params). + . Fixed bug #60802 (ibase_trans() gives segfault when passing params). - Streams: - . Further fix for bug #60455 (stream_get_line misbehaves if EOF is not detected - together with the last read). (Gustavo) - . Fixed bug #60817 (stream_get_line() reads from stream even when there is - already sufficient data buffered). stream_get_line() now behaves more like - fgets(), as is documented. (Gustavo) + . Further fix for bug #60455 (stream_get_line misbehaves if EOF is not detected + together with the last read). (Gustavo) + . Fixed bug #60817 (stream_get_line() reads from stream even when there is + already sufficient data buffered). stream_get_line() now behaves more like + fgets(), as is documented. (Gustavo) - PHP-FPM SAPI: - . Fixed bug #60811 (php-fpm compilation problem). (rasmus) + . Fixed bug #60811 (php-fpm compilation problem). (rasmus) 10 Jan 2012, PHP 5.3.9 Modified: php/php-src/branches/PHP_5_3/win32/winutil.c =================================================================== --- php/php-src/branches/PHP_5_3/win32/winutil.c 2012-01-27 10:00:18 UTC (rev 322842) +++ php/php-src/branches/PHP_5_3/win32/winutil.c 2012-01-27 10:56:33 UTC (rev 322843) @@ -62,8 +62,10 @@ void php_win32_free_rng_lock() { tsrm_mutex_lock(php_lock_win32_cryptoctx); - CryptReleaseContext(hCryptProv, 0); - has_crypto_ctx = 0; + if (has_crypto_ctx == 1) { + CryptReleaseContext(hCryptProv, 0); + has_crypto_ctx = 0; + } tsrm_mutex_unlock(php_lock_win32_cryptoctx); tsrm_mutex_free(php_lock_win32_cryptoctx); Modified: php/php-src/branches/PHP_5_4/NEWS =================================================================== --- php/php-src/branches/PHP_5_4/NEWS 2012-01-27 10:00:18 UTC (rev 322842) +++ php/php-src/branches/PHP_5_4/NEWS 2012-01-27 10:56:33 UTC (rev 322843) @@ -1,9 +1,14 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? Jan 2012, PHP 5.4.0 RC 7 -- Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0. - CVE-2011-3389. (Scott) +- Core: + . Fix bug #60895 (Possible invalid handler usage in windows random + functions). (Pierre) +- OpenSSL: + . Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0. + CVE-2011-3389. (Scott) + 19 Jan 2012, PHP 5.4.0 RC6 - Core: Modified: php/php-src/branches/PHP_5_4/win32/winutil.c =================================================================== --- php/php-src/branches/PHP_5_4/win32/winutil.c 2012-01-27 10:00:18 UTC (rev 322842) +++ php/php-src/branches/PHP_5_4/win32/winutil.c 2012-01-27 10:56:33 UTC (rev 322843) @@ -62,8 +62,10 @@ void php_win32_free_rng_lock() { tsrm_mutex_lock(php_lock_win32_cryptoctx); - CryptReleaseContext(hCryptProv, 0); - has_crypto_ctx = 0; + if (has_crypto_ctx == 1) { + CryptReleaseContext(hCryptProv, 0); + has_crypto_ctx = 0; + } tsrm_mutex_unlock(php_lock_win32_cryptoctx); tsrm_mutex_free(php_lock_win32_cryptoctx); Modified: php/php-src/trunk/win32/winutil.c =================================================================== --- php/php-src/trunk/win32/winutil.c 2012-01-27 10:00:18 UTC (rev 322842) +++ php/php-src/trunk/win32/winutil.c 2012-01-27 10:56:33 UTC (rev 322843) @@ -62,8 +62,10 @@ void php_win32_free_rng_lock() { tsrm_mutex_lock(php_lock_win32_cryptoctx); - CryptReleaseContext(hCryptProv, 0); - has_crypto_ctx = 0; + if (has_crypto_ctx == 1) { + CryptReleaseContext(hCryptProv, 0); + has_crypto_ctx = 0; + } tsrm_mutex_unlock(php_lock_win32_cryptoctx); tsrm_mutex_free(php_lock_win32_cryptoctx);
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php