Fix bug #72776 (Invalid parameter in memcpy function trough openssl_pbkdf2)

author: Jakub Zelenka <bukka@php.net> 2016-11-06 20:40:51 +0000
committer: Jakub Zelenka <bukka@php.net> 2016-11-06 20:40:51 +0000
commit: 493b2bff02531b0ead233177a2a0846c75e94777 (patch)
tree: 807c719f3bd986dbecf8c84fcfccc548f8a6a576
parent: b044a7429e750071ef152595a5fc4e880f88430e (diff)
download: php-git-493b2bff02531b0ead233177a2a0846c75e94777.tar.gz
2 files changed, 5 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index c2f35898dd..8d5b14e9ac 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,10 @@ PHP                                                                        NEWS
   . Fixed bug #73402 (Opcache segfault when using class constant to call a
     method). (Laruence)
 
+- OpenSSL
+  . Fixed bug #72776 (Invalid parameter in memcpy function trough
+    openssl_pbkdf2). (Jakub Zelenka)
+
 10 Nov 2016, PHP 5.6.28
 
 - Core:
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 01f2a099a8..f8641c62fc 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -4059,7 +4059,7 @@ PHP_FUNCTION(openssl_pbkdf2)
 		return;
 	}
 
-	if (key_length <= 0) {
+	if (key_length <= 0 || key_length > INT_MAX) {
 		RETURN_FALSE;
 	}
author	Jakub Zelenka <bukka@php.net>	2016-11-06 20:40:51 +0000
committer	Jakub Zelenka <bukka@php.net>	2016-11-06 20:40:51 +0000
commit	493b2bff02531b0ead233177a2a0846c75e94777 (patch)
tree	807c719f3bd986dbecf8c84fcfccc548f8a6a576
parent	b044a7429e750071ef152595a5fc4e880f88430e (diff)
download	php-git-493b2bff02531b0ead233177a2a0846c75e94777.tar.gz