- Fixed NULL pointer dereference in stream_socket_enable_crypto, case when

ssl_handle of session_stream is not initialized.
author: Mateusz Kocielski <shm@php.net> 2011-11-12 10:36:55 +0000
committer: Mateusz Kocielski <shm@php.net> 2011-11-12 10:36:55 +0000
commit: 2c970a52e86a3dfb34d35e3e756fb466d49faaa8 (patch)
tree: 3dbb9903b8cbfa3f5ae51d45fb193755bb39bdef /ext/openssl
parent: 9a03ce581f684c031848b766385ffa3e2712bc74 (diff)
download: php-git-2c970a52e86a3dfb34d35e3e756fb466d49faaa8.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
index 4b4a144691..70c105be21 100644
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -406,6 +406,8 @@ static inline int php_openssl_setup_crypto(php_stream *stream,
 	if (cparam->inputs.session) {
 		if (cparam->inputs.session->ops != &php_openssl_socket_ops) {
 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied session stream must be an SSL enabled stream");
+ 		} else if (((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle == NULL) {
+ 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied SSL session stream is not initialized");
 		} else {
 			SSL_copy_session_id(sslsock->ssl_handle, ((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle);
 		}
author	Mateusz Kocielski <shm@php.net>	2011-11-12 10:36:55 +0000
committer	Mateusz Kocielski <shm@php.net>	2011-11-12 10:36:55 +0000
commit	2c970a52e86a3dfb34d35e3e756fb466d49faaa8 (patch)
tree	3dbb9903b8cbfa3f5ae51d45fb193755bb39bdef /ext/openssl
parent	9a03ce581f684c031848b766385ffa3e2712bc74 (diff)
download	php-git-2c970a52e86a3dfb34d35e3e756fb466d49faaa8.tar.gz