Fix segfault in older versions of OpenSSL (before 0.9.8i)

2 files changed, 8 insertions, 1 deletions

diff --git a/NEWS b/NEWS
index c35b85edfa..5f542ebcf0 100644
--- a/NEWS
+++ b/NEWS
@@ -5,11 +5,16 @@ PHP                                                                        NEWS
   . Added max_input_vars directive to prevent attacks based on hash collisions
     (Dmitry).
   . Fixed bug #60536 (Traits Segfault). (Laruence)
+
 - CLI SAPI:
   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
     one 200 RQ and one 404). (Laruence)
   . Fixed bug #60523 (PHP Errors are not reported in browsers using built-in 
     SAPI). (Laruence, Derick)
+
+- OpenSSL:
+  . Fix segfault with older versions of OpenSSL. (Scott)
+
 - Pdo Firebird:
   . Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO Firebird).
     (Mariuz)  
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 4f37f08f8e..749326ab27 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -4740,7 +4740,9 @@ PHP_FUNCTION(openssl_encrypt)
 	if (options & OPENSSL_ZERO_PADDING) {
 		EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
 	}
-	EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+	if (data_len > 0) {
+		EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+	}
 	outlen = i;
 	if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
 		outlen += i;