diff options
author | Scott MacVicar <scottmac@php.net> | 2011-12-18 05:14:32 +0000 |
---|---|---|
committer | Scott MacVicar <scottmac@php.net> | 2011-12-18 05:14:32 +0000 |
commit | 095cbc48a8f0090f3b0abc6155f2b61943c9eafb (patch) | |
tree | 4aca510352c9b0fc6e47c1332227b931ce4d7788 | |
parent | b8a08bf263d03c26da5f475f96a1d66eb566d874 (diff) | |
download | php-git-095cbc48a8f0090f3b0abc6155f2b61943c9eafb.tar.gz |
Fix segfault in older versions of OpenSSL (before 0.9.8i)
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | ext/openssl/openssl.c | 4 |
2 files changed, 6 insertions, 1 deletions
@@ -6,6 +6,9 @@ PHP NEWS . Added max_input_vars directive to prevent attacks based on hash collisions (Dmitry). +- OpenSSL: + . Fix segfault with older versions of OpenSSL. (Scott) + - Streams: . Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected together with the last read). (Gustavo) diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 80cecf0679..4ea443698d 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -4713,7 +4713,9 @@ PHP_FUNCTION(openssl_encrypt) EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len); } EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv); - EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len); + if (data_len > 0) { + EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len); + } outlen = i; if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) { outlen += i; |