diff options
author | Nikita Popov <nikita.ppv@gmail.com> | 2020-03-23 11:54:55 +0100 |
---|---|---|
committer | Nikita Popov <nikita.ppv@gmail.com> | 2020-03-23 11:55:22 +0100 |
commit | db08ef0d3274b239a6b9e68d71d02bb6acb71d82 (patch) | |
tree | dd19bb299c07ae00adea34f6b8422fd0477ce688 | |
parent | 347d18b48e984753e376d4f19a85852c433c48da (diff) | |
download | php-git-db08ef0d3274b239a6b9e68d71d02bb6acb71d82.tar.gz |
Fix RSA memory leak in mysqlnd auth
-rw-r--r-- | ext/mysqlnd/mysqlnd_auth.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/ext/mysqlnd/mysqlnd_auth.c b/ext/mysqlnd/mysqlnd_auth.c index fa156fa0e1..fa8c709516 100644 --- a/ext/mysqlnd/mysqlnd_auth.c +++ b/ext/mysqlnd/mysqlnd_auth.c @@ -728,6 +728,7 @@ mysqlnd_sha256_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t server_pub */ if (server_public_key_len <= passwd_len + 41) { /* password message is to long */ + RSA_free(server_public_key); SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long"); DBG_ERR("password is too long"); DBG_RETURN(NULL); @@ -1018,6 +1019,7 @@ mysqlnd_caching_sha2_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t serv */ if (server_public_key_len <= passwd_len + 41) { /* password message is to long */ + RSA_free(server_public_key); SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long"); DBG_ERR("password is too long"); DBG_RETURN(0); @@ -1025,6 +1027,7 @@ mysqlnd_caching_sha2_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t serv *crypted = emalloc(server_public_key_len); RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, *crypted, server_public_key, RSA_PKCS1_OAEP_PADDING); + RSA_free(server_public_key); DBG_RETURN(server_public_key_len); } /* }}} */ |