diff options
author | Xinchen Hui <laruence@gmail.com> | 2017-04-10 19:02:50 +0800 |
---|---|---|
committer | Xinchen Hui <laruence@gmail.com> | 2017-04-10 19:02:50 +0800 |
commit | 42e576ace20355418bdc11226ac045cea4737391 (patch) | |
tree | e15b606d6d6ed945c1623122a3adcf00beb20db1 /ext | |
parent | e6423757645749dca781639d815f8348a4a20c98 (diff) | |
download | php-git-42e576ace20355418bdc11226ac045cea4737391.tar.gz |
Fixed bug #74402 (segfault on random_bytes, bin2hex, openssl_seal)
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/openssl.c | 1 | ||||
-rw-r--r-- | ext/openssl/tests/bug74402.phpt | 30 |
2 files changed, 30 insertions, 1 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 7a8ccc0a99..1ea4d07e09 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -5399,7 +5399,6 @@ PHP_FUNCTION(openssl_seal) if (len1 + len2 > 0) { zval_dtor(sealdata); - buf[len1 + len2] = '\0'; ZVAL_NEW_STR(sealdata, zend_string_init((char*)buf, len1 + len2, 0)); efree(buf); diff --git a/ext/openssl/tests/bug74402.phpt b/ext/openssl/tests/bug74402.phpt new file mode 100644 index 0000000000..8cd98362df --- /dev/null +++ b/ext/openssl/tests/bug74402.phpt @@ -0,0 +1,30 @@ +--TEST-- +Bug #74402 (segfault on random_bytes, bin3hex, openssl_seal) +--SKIPIF-- +<?php +if (!extension_loaded("openssl")) { + print "skip"; +} +if (!in_array('AES256', openssl_get_cipher_methods(true))) { + print "skip"; +} +?> +--FILE-- +<?php +$data = "23153b1cf683cb16f8d71190a7c42f38fecda27c29a7bc8991c9f6a2a63602bf"; +$key = array("-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvjCLfpS0MyilIjR+IsH +HPH8TqFUCw4kTAVmTy9SDZV9hHYY2EPgrlTd7gvMP/DWipvBD6Y5w2bPdAQoXr5D +qEKAGkE+1El4hS8XyuOdYXSYTDH1HPSlFiGdgsnlkFcbh/fJyzIKBaGLnWxsjhiS +deiI7KuEkI9zt+X2r4KqFt/dhnXz0kcB1M7qyhQ6Rvijgjy/A1LsN4ZAREFLCEjb +1AP9nk0QAUHWcG5MvbgsE20Pn4R5wFsMFBTvNmb34jHFREgR9j4DYcV5FFR3tKb8 +3XtjE9/kjfK29BSpiyXZs8PSqDhO00vh6txUB4VfkVUD2Bi93rxDeyALnCW7My+l +YwIDAQAB +-----END PUBLIC KEY-----"); +$iv = ''; +var_dump(strlen($data)); +var_dump(openssl_seal($data, $sealed_data, $env_keys, $key, 'AES256', $iv)); +?> +--EXPECTF-- +int(64) +int(80) |