[packages/php.git] / php-bug-71475.patch

--- php-5.6.17/ext/openssl/openssl.c~	2016-01-06 16:14:47.000000000 +0100
+++ php-5.6.17/ext/openssl/openssl.c	2016-02-02 18:15:39.118449615 +0100
@@ -4886,6 +4886,7 @@ PHP_FUNCTION(openssl_seal)
 	memset(eks, 0, sizeof(*eks) * nkeys);
 	key_resources = safe_emalloc(nkeys, sizeof(long), 0);
 	memset(key_resources, 0, sizeof(*key_resources) * nkeys);
+	memset(pkeys, 0, sizeof(*pkeys) * nkeys);
 
 	/* get the public keys we are using to seal this data */
 	zend_hash_internal_pointer_reset_ex(pubkeysht, &pos);
@@ -4958,7 +4959,7 @@ PHP_FUNCTION(openssl_seal)
 
 clean_exit:
 	for (i=0; i<nkeys; i++) {
-		if (key_resources[i] == -1) {
+		if (key_resources[i] == -1 && pkeys[i] != NULL) {
 			EVP_PKEY_free(pkeys[i]);
 		}
 		if (eks[i]) { 
diff --git a/ext/openssl/tests/bug71475.phpt b/ext/openssl/tests/bug71475.phpt
new file mode 100644
index 0000000..680753d
--- /dev/null
+++ b/ext/openssl/tests/bug71475.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Bug #71475: openssl_seal() uninitialized memory usage
+--SKIPIF--
+<?php 
+if (!extension_loaded("openssl")) die("skip openssl not loaded");
+?>
+--FILE--
+<?php
+$_ = str_repeat("A", 512);
+openssl_seal($_, $_, $_, array_fill(0,64,0));
+?>
+DONE
+--EXPECTF--
+
+Warning: openssl_seal(): not a public key (1th member of pubkeys) in %s/bug71475.php on line %d
+DONE
\ No newline at end of file
Commit	Line	Data
00459e59 AM	1	--- php-5.6.17/ext/openssl/openssl.c~ 2016-01-06 16:14:47.000000000 +0100
	2	+++ php-5.6.17/ext/openssl/openssl.c 2016-02-02 18:15:39.118449615 +0100
	3	@@ -4886,6 +4886,7 @@ PHP_FUNCTION(openssl_seal)
	4	memset(eks, 0, sizeof(eks) nkeys);
	5	key_resources = safe_emalloc(nkeys, sizeof(long), 0);
	6	memset(key_resources, 0, sizeof(key_resources) nkeys);
	7	+ memset(pkeys, 0, sizeof(pkeys) nkeys);
	8
	9	/* get the public keys we are using to seal this data */
	10	zend_hash_internal_pointer_reset_ex(pubkeysht, &pos);
	11	@@ -4958,7 +4959,7 @@ PHP_FUNCTION(openssl_seal)
	12
	13	clean_exit:
	14	for (i=0; i<nkeys; i++) {
	15	- if (key_resources[i] == -1) {
	16	+ if (key_resources[i] == -1 && pkeys[i] != NULL) {
	17	EVP_PKEY_free(pkeys[i]);
	18	}
	19	if (eks[i]) {
	20	diff --git a/ext/openssl/tests/bug71475.phpt b/ext/openssl/tests/bug71475.phpt
	21	new file mode 100644
	22	index 0000000..680753d
	23	--- /dev/null
	24	+++ b/ext/openssl/tests/bug71475.phpt
	25	@@ -0,0 +1,16 @@
	26	+--TEST--
	27	+Bug #71475: openssl_seal() uninitialized memory usage
	28	+--SKIPIF--
	29	+<?php
	30	+if (!extension_loaded("openssl")) die("skip openssl not loaded");
	31	+?>
	32	+--FILE--
	33	+<?php
	34	+$_ = str_repeat("A", 512);
	35	+openssl_seal($_, $_, $_, array_fill(0,64,0));
	36	+?>
	37	+DONE
	38	+--EXPECTF--
	39	+
	40	+Warning: openssl_seal(): not a public key (1th member of pubkeys) in %s/bug71475.php on line %d
	41	+DONE
	42	\ No newline at end of file