diff options
| author | Pierre Joye <pajoye@php.net> | 2012-01-27 10:56:33 +0000 |
|---|---|---|
| committer | Pierre Joye <pajoye@php.net> | 2012-01-27 10:56:33 +0000 |
| commit | d54710ae2f30d15c7f272c8311c4267b458d0df5 (patch) | |
| tree | 8363fec8626b8b8e0e34877d0adba09ce19c583d | |
| parent | 07cf07df6149cb6d2f01fb0fd96daf52e0c3e2f1 (diff) | |
| download | php-git-d54710ae2f30d15c7f272c8311c4267b458d0df5.tar.gz | |
- fix #60895, possible invalid handler usage
| -rw-r--r-- | NEWS | 9 | ||||
| -rw-r--r-- | win32/winutil.c | 6 |
2 files changed, 11 insertions, 4 deletions
@@ -1,8 +1,13 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? Jan 2012, PHP 5.4.0 RC 7 -- Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0. - CVE-2011-3389. (Scott) +- Core: + . Fix bug #60895 (Possible invalid handler usage in windows random + functions). (Pierre) + +- OpenSSL: + . Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0. + CVE-2011-3389. (Scott) 19 Jan 2012, PHP 5.4.0 RC6 diff --git a/win32/winutil.c b/win32/winutil.c index 1e8bf0bedb..d9609f7987 100644 --- a/win32/winutil.c +++ b/win32/winutil.c @@ -62,8 +62,10 @@ void php_win32_init_rng_lock() void php_win32_free_rng_lock() { tsrm_mutex_lock(php_lock_win32_cryptoctx); - CryptReleaseContext(hCryptProv, 0); - has_crypto_ctx = 0; + if (has_crypto_ctx == 1) { + CryptReleaseContext(hCryptProv, 0); + has_crypto_ctx = 0; + } tsrm_mutex_unlock(php_lock_win32_cryptoctx); tsrm_mutex_free(php_lock_win32_cryptoctx); |