]>
Commit | Line | Data |
---|---|---|
28c8c101 AM |
1 | commit 7b0107cc5d3d90655957680ef9cf916dce6875a7 |
2 | Author: Stanislav Malyshev <stas@php.net> | |
3 | Date: Sun Feb 17 13:28:42 2013 -0800 | |
4 | ||
5 | fix bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey() | |
6 | ||
7 | diff --git a/NEWS b/NEWS | |
8 | index 37c1332be3..bedc6a4dcf 100644 | |
9 | --- a/NEWS | |
10 | +++ b/NEWS | |
11 | @@ -12,6 +12,10 @@ PHP NEWS | |
12 | - Mbstring: | |
13 | . mb_split() can now handle empty matches like preg_split() does. (Moriyoshi) | |
14 | ||
15 | +- OpenSSL: | |
16 | + . Fixed bug #61930 (openssl corrupts ssl key resource when using | |
17 | + openssl_get_publickey()). (Stas) | |
18 | + | |
19 | - SPL: | |
20 | . Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS). | |
21 | (patch by kriss@krizalys.com, Laruence) | |
22 | diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c | |
23 | index 328c1ee937..d7ac117e51 100644 | |
24 | --- a/ext/openssl/openssl.c | |
25 | +++ b/ext/openssl/openssl.c | |
26 | @@ -3204,6 +3204,7 @@ PHP_FUNCTION(openssl_pkey_get_public) | |
27 | if (pkey == NULL) { | |
28 | RETURN_FALSE; | |
29 | } | |
30 | + zend_list_addref(Z_LVAL_P(return_value)); | |
31 | } | |
32 | /* }}} */ | |
33 | ||
34 | @@ -3240,6 +3241,7 @@ PHP_FUNCTION(openssl_pkey_get_private) | |
35 | if (pkey == NULL) { | |
36 | RETURN_FALSE; | |
37 | } | |
38 | + zend_list_addref(Z_LVAL_P(return_value)); | |
39 | } | |
40 | ||
41 | /* }}} */ | |
42 | diff --git a/ext/openssl/tests/bug61930.phpt b/ext/openssl/tests/bug61930.phpt | |
43 | new file mode 100644 | |
44 | index 0000000000..55dc42fded | |
45 | --- /dev/null | |
46 | +++ b/ext/openssl/tests/bug61930.phpt | |
47 | @@ -0,0 +1,24 @@ | |
48 | +--TEST-- | |
49 | +Bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey() | |
50 | +--SKIPIF-- | |
51 | +<?php | |
52 | +if (!extension_loaded("openssl")) die("skip"); | |
53 | +?> | |
54 | +--FILE-- | |
55 | +<?php | |
56 | +$cert = file_get_contents(__DIR__.'/cert.crt'); | |
57 | + | |
58 | +$data = <<<DATA | |
59 | +Please verify me | |
60 | +DATA; | |
61 | + | |
62 | +$sig = 'f9Gyb6NV/ENn7GUa37ygTLcF93XHf5fbFTnoYF/O+fXbq3iChGUbET0RuhOsptlAODi6JsDLnJO4ikcVZo0tC1fFTj3LyCuPy3ZdgJbbVxQ/rviROCmuMFTqUW/Xa2LQYiapeCCgLQeWTLg7TM/BoHEkKbKLG/XT5jHvep1758A='; | |
63 | + | |
64 | +$key = openssl_get_publickey($cert); | |
65 | +var_dump(openssl_get_publickey($key)); | |
66 | +var_dump(openssl_verify($data, base64_decode($sig), $key)); | |
67 | +?> | |
68 | +--EXPECTF-- | |
69 | +resource(%d) of type (OpenSSL key) | |
70 | +int(1) | |
71 | + |