diff options
Diffstat (limited to 'ext/openssl/openssl.c')
| -rw-r--r-- | ext/openssl/openssl.c | 82 |
1 files changed, 53 insertions, 29 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 8cf294b361..7f287c8823 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -1725,7 +1725,9 @@ static X509 * php_openssl_x509_from_zval(zval * val, int makeresource, zend_reso } /* force it to be a string and check if it refers to a file */ - convert_to_string_ex(val); + if (!try_convert_to_string(val)) { + return NULL; + } if (Z_STRLEN_P(val) > 7 && memcmp(Z_STRVAL_P(val), "file://", sizeof("file://") - 1) == 0) { @@ -2671,32 +2673,37 @@ static X509_STORE *php_openssl_setup_verify(zval *calist) if (calist && (Z_TYPE_P(calist) == IS_ARRAY)) { ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(calist), item) { - convert_to_string_ex(item); + zend_string *str = zval_get_string(item); + if (EG(exception)) { + return NULL; + } - if (VCWD_STAT(Z_STRVAL_P(item), &sb) == -1) { - php_error_docref(NULL, E_WARNING, "unable to stat %s", Z_STRVAL_P(item)); + if (VCWD_STAT(ZSTR_VAL(str), &sb) == -1) { + php_error_docref(NULL, E_WARNING, "unable to stat %s", ZSTR_VAL(str)); + zend_string_release(str); continue; } if ((sb.st_mode & S_IFREG) == S_IFREG) { file_lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); - if (file_lookup == NULL || !X509_LOOKUP_load_file(file_lookup, Z_STRVAL_P(item), X509_FILETYPE_PEM)) { + if (file_lookup == NULL || !X509_LOOKUP_load_file(file_lookup, ZSTR_VAL(str), X509_FILETYPE_PEM)) { php_openssl_store_errors(); - php_error_docref(NULL, E_WARNING, "error loading file %s", Z_STRVAL_P(item)); + php_error_docref(NULL, E_WARNING, "error loading file %s", ZSTR_VAL(str)); } else { nfiles++; } file_lookup = NULL; } else { dir_lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir()); - if (dir_lookup == NULL || !X509_LOOKUP_add_dir(dir_lookup, Z_STRVAL_P(item), X509_FILETYPE_PEM)) { + if (dir_lookup == NULL || !X509_LOOKUP_add_dir(dir_lookup, ZSTR_VAL(str), X509_FILETYPE_PEM)) { php_openssl_store_errors(); - php_error_docref(NULL, E_WARNING, "error loading directory %s", Z_STRVAL_P(item)); + php_error_docref(NULL, E_WARNING, "error loading directory %s", ZSTR_VAL(str)); } else { ndirs++; } dir_lookup = NULL; } + zend_string_release(str); } ZEND_HASH_FOREACH_END(); } if (nfiles == 0) { @@ -3145,23 +3152,25 @@ static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, z /* apply values from the dn hash */ ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(dn), strindex, item) { if (strindex) { - int nid; - - convert_to_string_ex(item); - - nid = OBJ_txt2nid(ZSTR_VAL(strindex)); + int nid = OBJ_txt2nid(ZSTR_VAL(strindex)); if (nid != NID_undef) { + zend_string *str_item = zval_get_string(item); + if (EG(exception)) { + return FAILURE; + } if (!X509_NAME_add_entry_by_NID(subj, nid, MBSTRING_UTF8, - (unsigned char*)Z_STRVAL_P(item), -1, -1, 0)) + (unsigned char*)ZSTR_VAL(str_item), -1, -1, 0)) { php_openssl_store_errors(); php_error_docref(NULL, E_WARNING, "dn: add_entry_by_NID %d -> %s (failed; check error" " queue and value of string_mask OpenSSL option " "if illegal characters are reported)", - nid, Z_STRVAL_P(item)); + nid, ZSTR_VAL(str_item)); + zend_string_release(str_item); return FAILURE; } + zend_string_release(str_item); } else { php_error_docref(NULL, E_WARNING, "dn: %s is not a recognized name", ZSTR_VAL(strindex)); } @@ -3226,15 +3235,19 @@ static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, z continue; } - convert_to_string_ex(item); - nid = OBJ_txt2nid(ZSTR_VAL(strindex)); if (nid != NID_undef) { - if (!X509_NAME_add_entry_by_NID(subj, nid, MBSTRING_UTF8, (unsigned char*)Z_STRVAL_P(item), -1, -1, 0)) { + zend_string *str_item = zval_get_string(item); + if (EG(exception)) { + return FAILURE; + } + if (!X509_NAME_add_entry_by_NID(subj, nid, MBSTRING_UTF8, (unsigned char*)ZSTR_VAL(str_item), -1, -1, 0)) { php_openssl_store_errors(); - php_error_docref(NULL, E_WARNING, "attribs: add_entry_by_NID %d -> %s (failed)", nid, Z_STRVAL_P(item)); + php_error_docref(NULL, E_WARNING, "attribs: add_entry_by_NID %d -> %s (failed)", nid, ZSTR_VAL(str_item)); + zend_string_release(str_item); return FAILURE; } + zend_string_release(str_item); } else { php_error_docref(NULL, E_WARNING, "dn: %s is not a recognized name", ZSTR_VAL(strindex)); } @@ -3803,7 +3816,10 @@ static EVP_PKEY * php_openssl_evp_from_zval( passphrase_len = Z_STRLEN_P(zphrase); } else { ZVAL_COPY(&tmp, zphrase); - convert_to_string(&tmp); + if (!try_convert_to_string(&tmp)) { + return NULL; + } + passphrase = Z_STRVAL(tmp); passphrase_len = Z_STRLEN(tmp); } @@ -3864,7 +3880,9 @@ static EVP_PKEY * php_openssl_evp_from_zval( if (!(Z_TYPE_P(val) == IS_STRING || Z_TYPE_P(val) == IS_OBJECT)) { TMP_CLEAN; } - convert_to_string_ex(val); + if (!try_convert_to_string(val)) { + TMP_CLEAN; + } if (Z_STRLEN_P(val) > 7 && memcmp(Z_STRVAL_P(val), "file://", sizeof("file://") - 1) == 0) { filename = Z_STRVAL_P(val) + (sizeof("file://") - 1); @@ -5351,13 +5369,16 @@ PHP_FUNCTION(openssl_pkcs7_encrypt) /* tack on extra headers */ if (zheaders) { ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(zheaders), strindex, zcertval) { - convert_to_string_ex(zcertval); - + zend_string *str = zval_get_string(zcertval); + if (EG(exception)) { + goto clean_exit; + } if (strindex) { - BIO_printf(outfile, "%s: %s\n", ZSTR_VAL(strindex), Z_STRVAL_P(zcertval)); + BIO_printf(outfile, "%s: %s\n", ZSTR_VAL(strindex), ZSTR_VAL(str)); } else { - BIO_printf(outfile, "%s\n", Z_STRVAL_P(zcertval)); + BIO_printf(outfile, "%s\n", ZSTR_VAL(str)); } + zend_string_release(str); } ZEND_HASH_FOREACH_END(); } @@ -5566,13 +5587,16 @@ PHP_FUNCTION(openssl_pkcs7_sign) int ret; ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(zheaders), strindex, hval) { - convert_to_string_ex(hval); - + zend_string *str = zval_get_string(hval); + if (EG(exception)) { + goto clean_exit; + } if (strindex) { - ret = BIO_printf(outfile, "%s: %s\n", ZSTR_VAL(strindex), Z_STRVAL_P(hval)); + ret = BIO_printf(outfile, "%s: %s\n", ZSTR_VAL(strindex), ZSTR_VAL(str)); } else { - ret = BIO_printf(outfile, "%s\n", Z_STRVAL_P(hval)); + ret = BIO_printf(outfile, "%s\n", ZSTR_VAL(str)); } + zend_string_release(str); if (ret < 0) { php_openssl_store_errors(); } |