diff options
| author | Jakub Zelenka <bukka@php.net> | 2017-10-15 20:31:25 +0100 |
|---|---|---|
| committer | Jakub Zelenka <bukka@php.net> | 2017-10-15 20:31:25 +0100 |
| commit | 547fee9cd44d3aed19490971e2d06f275a7b522b (patch) | |
| tree | 5f0d99c35ee428d065034482eab74fc452027be6 | |
| parent | 5e2751e7ffa5ad877083abc7dda8da658c9691c7 (diff) | |
| parent | 999fe36d404a375864202a1b2d90de111ddd1b25 (diff) | |
| download | php-git-547fee9cd44d3aed19490971e2d06f275a7b522b.tar.gz | |
Merge branch 'PHP-7.0' into PHP-7.1
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/openssl/openssl.c | 52 |
2 files changed, 29 insertions, 27 deletions
@@ -19,8 +19,8 @@ PHP NEWS . Fixed bug #75301 (Exif extension has built in revision version). (Peter Kokot) -- Openssl: - . Fixed bug #75363 (openssl_x509_parse leaks memory). (Bob) +- OpenSSL: + . Fixed bug #75363 (openssl_x509_parse leaks memory). (Bob, Jakub Zelenka) - Zlib: . Fixed bug #75299 (Wrong reflection on inflate_init and inflate_add). (Fabien diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index b199e0a68c..b5b0e87b54 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -1728,7 +1728,6 @@ PHP_FUNCTION(openssl_x509_export_to_file) zval * zcert; zend_bool notext = 1; BIO * bio_out; - zend_resource *certresource; char * filename; size_t filename_len; @@ -1737,7 +1736,7 @@ PHP_FUNCTION(openssl_x509_export_to_file) } RETVAL_FALSE; - cert = php_openssl_x509_from_zval(zcert, 0, &certresource); + cert = php_openssl_x509_from_zval(zcert, 0, NULL); if (cert == NULL) { php_error_docref(NULL, E_WARNING, "cannot get cert from parameter 1"); return; @@ -1761,7 +1760,7 @@ PHP_FUNCTION(openssl_x509_export_to_file) php_openssl_store_errors(); php_error_docref(NULL, E_WARNING, "error opening file %s", filename); } - if (certresource == NULL && cert) { + if (Z_TYPE_P(zcert) != IS_RESOURCE) { X509_free(cert); } @@ -2070,14 +2069,13 @@ PHP_FUNCTION(openssl_x509_export) zval * zcert, *zout; zend_bool notext = 1; BIO * bio_out; - zend_resource *certresource; if (zend_parse_parameters(ZEND_NUM_ARGS(), "zz/|b", &zcert, &zout, ¬ext) == FAILURE) { return; } RETVAL_FALSE; - cert = php_openssl_x509_from_zval(zcert, 0, &certresource); + cert = php_openssl_x509_from_zval(zcert, 0, NULL); if (cert == NULL) { php_error_docref(NULL, E_WARNING, "cannot get cert from parameter 1"); return; @@ -2106,7 +2104,7 @@ PHP_FUNCTION(openssl_x509_export) BIO_free(bio_out); cleanup: - if (certresource == NULL && cert != NULL) { + if (Z_TYPE_P(zcert) != IS_RESOURCE) { X509_free(cert); } } @@ -2143,7 +2141,6 @@ PHP_FUNCTION(openssl_x509_fingerprint) { X509 *cert; zval *zcert; - zend_resource *certresource; zend_bool raw_output = 0; char *method = "sha1"; size_t method_len; @@ -2153,7 +2150,7 @@ PHP_FUNCTION(openssl_x509_fingerprint) return; } - cert = php_openssl_x509_from_zval(zcert, 0, &certresource); + cert = php_openssl_x509_from_zval(zcert, 0, NULL); if (cert == NULL) { php_error_docref(NULL, E_WARNING, "cannot get cert from parameter 1"); RETURN_FALSE; @@ -2166,7 +2163,7 @@ PHP_FUNCTION(openssl_x509_fingerprint) RETVAL_FALSE; } - if (certresource == NULL && cert) { + if (Z_TYPE_P(zcert) != IS_RESOURCE) { X509_free(cert); } } @@ -2178,14 +2175,14 @@ PHP_FUNCTION(openssl_x509_check_private_key) zval * zcert, *zkey; X509 * cert = NULL; EVP_PKEY * key = NULL; - zend_resource *certresource = NULL, *keyresource = NULL; + zend_resource *keyresource = NULL; RETVAL_FALSE; if (zend_parse_parameters(ZEND_NUM_ARGS(), "zz", &zcert, &zkey) == FAILURE) { return; } - cert = php_openssl_x509_from_zval(zcert, 0, &certresource); + cert = php_openssl_x509_from_zval(zcert, 0, NULL); if (cert == NULL) { RETURN_FALSE; } @@ -2197,7 +2194,7 @@ PHP_FUNCTION(openssl_x509_check_private_key) if (keyresource == NULL && key) { EVP_PKEY_free(key); } - if (certresource == NULL && cert) { + if (Z_TYPE_P(zcert) != IS_RESOURCE) { X509_free(cert); } } @@ -2416,6 +2413,9 @@ PHP_FUNCTION(openssl_x509_parse) } else { zval_dtor(return_value); BIO_free(bio_out); + if (Z_TYPE_P(zcert) != IS_RESOURCE) { + X509_free(cert); + } RETURN_FALSE; } } @@ -2428,6 +2428,9 @@ PHP_FUNCTION(openssl_x509_parse) BIO_free(bio_out); } add_assoc_zval(return_value, "extensions", &subitem); + if (Z_TYPE_P(zcert) != IS_RESOURCE) { + X509_free(cert); + } } /* }}} */ @@ -2525,7 +2528,6 @@ PHP_FUNCTION(openssl_x509_checkpurpose) zval * zcert, * zcainfo = NULL; X509_STORE * cainfo = NULL; X509 * cert = NULL; - zend_resource *certresource = NULL; STACK_OF(X509) * untrustedchain = NULL; zend_long purpose; char * untrusted = NULL; @@ -2549,7 +2551,7 @@ PHP_FUNCTION(openssl_x509_checkpurpose) if (cainfo == NULL) { goto clean_exit; } - cert = php_openssl_x509_from_zval(zcert, 0, &certresource); + cert = php_openssl_x509_from_zval(zcert, 0, NULL); if (cert == NULL) { goto clean_exit; } @@ -2560,11 +2562,10 @@ PHP_FUNCTION(openssl_x509_checkpurpose) } else { RETVAL_BOOL(ret); } - -clean_exit: - if (certresource == NULL && cert) { + if (Z_TYPE_P(zcert) != IS_RESOURCE) { X509_free(cert); } +clean_exit: if (cainfo) { X509_STORE_free(cainfo); } @@ -2756,7 +2757,7 @@ PHP_FUNCTION(openssl_pkcs12_export_to_file) size_t pass_len; zval *zcert = NULL, *zpkey = NULL, *args = NULL; EVP_PKEY *priv_key = NULL; - zend_resource *certresource, *keyresource; + zend_resource *keyresource; zval * item; STACK_OF(X509) *ca = NULL; @@ -2765,7 +2766,7 @@ PHP_FUNCTION(openssl_pkcs12_export_to_file) RETVAL_FALSE; - cert = php_openssl_x509_from_zval(zcert, 0, &certresource); + cert = php_openssl_x509_from_zval(zcert, 0, NULL); if (cert == NULL) { php_error_docref(NULL, E_WARNING, "cannot get cert from parameter 1"); return; @@ -2775,7 +2776,7 @@ PHP_FUNCTION(openssl_pkcs12_export_to_file) php_error_docref(NULL, E_WARNING, "cannot get private key from parameter 3"); goto cleanup; } - if (cert && !X509_check_private_key(cert, priv_key)) { + if (!X509_check_private_key(cert, priv_key)) { php_openssl_store_errors(); php_error_docref(NULL, E_WARNING, "private key does not correspond to cert"); goto cleanup; @@ -2825,7 +2826,8 @@ cleanup: if (keyresource == NULL && priv_key) { EVP_PKEY_free(priv_key); } - if (certresource == NULL && cert) { + + if (Z_TYPE_P(zcert) != IS_RESOURCE) { X509_free(cert); } } @@ -2840,7 +2842,7 @@ PHP_FUNCTION(openssl_pkcs12_export) PKCS12 * p12 = NULL; zval * zcert = NULL, *zout = NULL, *zpkey, *args = NULL; EVP_PKEY *priv_key = NULL; - zend_resource *certresource, *keyresource; + zend_resource *keyresource; char * pass; size_t pass_len; char * friendly_name = NULL; @@ -2852,7 +2854,7 @@ PHP_FUNCTION(openssl_pkcs12_export) RETVAL_FALSE; - cert = php_openssl_x509_from_zval(zcert, 0, &certresource); + cert = php_openssl_x509_from_zval(zcert, 0, NULL); if (cert == NULL) { php_error_docref(NULL, E_WARNING, "cannot get cert from parameter 1"); return; @@ -2862,7 +2864,7 @@ PHP_FUNCTION(openssl_pkcs12_export) php_error_docref(NULL, E_WARNING, "cannot get private key from parameter 3"); goto cleanup; } - if (cert && !X509_check_private_key(cert, priv_key)) { + if (!X509_check_private_key(cert, priv_key)) { php_error_docref(NULL, E_WARNING, "private key does not correspond to cert"); goto cleanup; } @@ -2903,7 +2905,7 @@ cleanup: if (keyresource == NULL && priv_key) { EVP_PKEY_free(priv_key); } - if (certresource == NULL && cert) { + if (Z_TYPE_P(zcert) != IS_RESOURCE) { X509_free(cert); } } |