Fix segfault in older versions of OpenSSL (before 0.9.8i)

author: Scott MacVicar <scottmac@php.net> 2011-12-18 05:14:32 +0000
committer: Scott MacVicar <scottmac@php.net> 2011-12-18 05:14:32 +0000
commit: 095cbc48a8f0090f3b0abc6155f2b61943c9eafb (patch)
tree: 4aca510352c9b0fc6e47c1332227b931ce4d7788
parent: b8a08bf263d03c26da5f475f96a1d66eb566d874 (diff)
download: php-git-095cbc48a8f0090f3b0abc6155f2b61943c9eafb.tar.gz
2 files changed, 6 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index ac14281145..486598fbdc 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,9 @@ PHP                                                                        NEWS
   . Added max_input_vars directive to prevent attacks based on hash collisions
     (Dmitry).
 
+- OpenSSL:
+  . Fix segfault with older versions of OpenSSL. (Scott)
+      
 - Streams:
   . Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected together
     with the last read). (Gustavo)
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 80cecf0679..4ea443698d 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -4713,7 +4713,9 @@ PHP_FUNCTION(openssl_encrypt)
 		EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
 	}
 	EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
-	EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+	if (data_len > 0) {
+		EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
+	}
 	outlen = i;
 	if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) {
 		outlen += i;
author	Scott MacVicar <scottmac@php.net>	2011-12-18 05:14:32 +0000
committer	Scott MacVicar <scottmac@php.net>	2011-12-18 05:14:32 +0000
commit	095cbc48a8f0090f3b0abc6155f2b61943c9eafb (patch)
tree	4aca510352c9b0fc6e47c1332227b931ce4d7788
parent	b8a08bf263d03c26da5f475f96a1d66eb566d874 (diff)
download	php-git-095cbc48a8f0090f3b0abc6155f2b61943c9eafb.tar.gz