authorNikita Popov <nikita.ppv@gmail.com>2019-06-24 16:51:40 +0200
committerNikita Popov <nikita.ppv@gmail.com>2019-06-25 10:25:44 +0200
commit31123de0c8261356e312aa5c9eec3afa34b7e41e (patch)
treeed3fe09abbec6351af2f7a0a128080bba3fc44a2 /ext/phar
parent3a36e68c49f2e0e850494e56e6aa60ccf296c712 (diff)
downloadphp-git-31123de0c8261356e312aa5c9eec3afa34b7e41e.tar.gz
Fix EVP_PKEY leak in phar
Diffstat (limited to 'ext/phar')
-rw-r--r--ext/phar/util.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/ext/phar/util.c b/ext/phar/util.c
index ff1f3f46db..ab5d3355ad 100644
--- a/ext/phar/util.c
+++ b/ext/phar/util.c
@@ -1547,7 +1547,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
return FAILURE;
}
- key = PEM_read_bio_PUBKEY(in, NULL,NULL, NULL);
+ key = PEM_read_bio_PUBKEY(in, NULL, NULL, NULL);
BIO_free(in);
zend_string_release_ex(pubkey, 0);
@@ -1581,6 +1581,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
if (EVP_VerifyFinal(md_ctx, (unsigned char *)sig, sig_len, key) != 1) {
/* 1: signature verified, 0: signature does not match, -1: failed signature operation */
+ EVP_PKEY_free(key);
EVP_MD_CTX_destroy(md_ctx);
if (error) {
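Review bot: The new `EVP_PKEY_free(key);` on the EVP_VerifyFinal() failure path only covers the final step; any earlier bail-out in phar_verify_signature between PEM_read_bio_PUBKEY() (L24-L27) and this call — a NULL-key check, or a checked EVP_VerifyInit()/EVP_VerifyUpdate() — would still hold `key` and needs the same free, and those lines are outside this hunk, so worth confirming. If the init/update calls are instead unchecked, an init failure surfaces here as a non-1 return, which is at least fail-closed, but a comment such as `/* VerifyInit/Update failures are caught here: any non-1 result is treated as a bad signature */` would make that intent explicit. The enclosing function begins before this hunk and continues past it.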
@@ -1590,6 +1591,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
return FAILURE;
}
+ EVP_PKEY_free(key);
EVP_MD_CTX_destroy(md_ctx);
#endif
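Review bot: Style: `EVP_PKEY_free(key); EVP_MD_CTX_destroy(md_ctx);` now appears as an identical pair on both the failure path (L31-L32) and the success path (L37-L38) of the OpenSSL branch; the usual C shape for this is one cleanup sequence reached via a `fail:` label (or a small `static` helper taking `key` and `md_ctx`), so the next exit added to this function cannot forget one of the two. That is a readability point only — the behaviour of the patched code looks right. The function continues after the `#endif` outside this hunk.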
@@ -1861,6 +1863,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
sigbuf = emalloc(siglen + 1);
if (!EVP_SignInit(md_ctx, EVP_sha1())) {
+ EVP_PKEY_free(key);
efree(sigbuf);
if (error) {
spprintf(error, 0, "unable to initialize openssl signature for phar \"%s\"", phar->fname);
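Review bot: The EVP_SignInit() failure path now releases `key` and `sigbuf`, but nothing in this hunk releases `md_ctx`; if that context was obtained with EVP_MD_CTX_create() before `sigbuf = emalloc(siglen + 1);` (not visible here), this branch still leaks it and should also do `EVP_MD_CTX_destroy(md_ctx);` next to the new `EVP_PKEY_free(key);`. The same question applies to the EVP_SignUpdate() and EVP_SignFinal() error paths that follow. Both the start and the end of phar_create_signature are outside this hunk, so I cannot tell from the page whether the destroy happens elsewhere.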
@@ -1870,6 +1873,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
if (!EVP_SignUpdate(md_ctx, buf, sig_len)) {
+ EVP_PKEY_free(key);
efree(sigbuf);
if (error) {
spprintf(error, 0, "unable to update the openssl signature for phar \"%s\"", phar->fname);
@@ -1879,6 +1883,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
}
if (!EVP_SignFinal (md_ctx, sigbuf, &siglen, key)) {
+ EVP_PKEY_free(key);
efree(sigbuf);
if (error) {
spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname);
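Review bot: This is the third copy of the `EVP_PKEY_free(key); efree(sigbuf);` teardown in phar_create_signature (L43-L44, L50-L51, L57-L58), each followed by a different message and — presumably, the return is outside the hunk — `return FAILURE;`. Consolidating them as `if (error) { spprintf(...); } goto fail;` with a single `fail:` block that frees `key`, `sigbuf` and `md_ctx` (if `md_ctx` is created before these calls, which the hunk does not show) keeps all exits consistent and is where a forgotten `EVP_MD_CTX_destroy()` would be caught once rather than three times. Behaviour of the current patch is otherwise correct as far as the visible lines go. The enclosing function starts and ends outside this hunk.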
@@ -1887,6 +1892,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
}
sigbuf[siglen] = '\0';
+ EVP_PKEY_free(key);
EVP_MD_CTX_destroy(md_ctx);
#else
size_t siglen;