[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/openssl xp_ssl.c

Thu, 25 May 2006 17:32:19 -0700 

pajoye          Fri May 26 00:32:07 2006 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src    NEWS 
    /php-src/ext/openssl        xp_ssl.c 
  Log:
  - fix leaks in openssl context options
  
  
http://cvs.php.net/viewcvs.cgi/php-src/NEWS?r1=1.2027.2.547.2.54&r2=1.2027.2.547.2.55&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.54 php-src/NEWS:1.2027.2.547.2.55
--- php-src/NEWS:1.2027.2.547.2.54      Thu May 25 22:54:16 2006
+++ php-src/NEWS        Fri May 26 00:32:06 2006
@@ -44,6 +44,7 @@
 - Added pg_field_table() function. (Edin)
 - Added implementation of curl_multi_info_read(). (Brian)
 - Added RFC2397 (data: stream) support. (Marcus)
+- Fixed memory leaks in openssl streams context options (Pierre)
 - Fixed handling of extremely long paths inside tempnam() function. (Ilia)
 - Fixed bug #37587 (var without attribute causes segfault). (Marcus)
 - Fixed bug #37569 (WDDX incorrectly encodes high-ascii characters). (Ilia)
http://cvs.php.net/viewcvs.cgi/php-src/ext/openssl/xp_ssl.c?r1=1.22.2.3&r2=1.22.2.3.2.1&diff_format=u
Index: php-src/ext/openssl/xp_ssl.c
diff -u php-src/ext/openssl/xp_ssl.c:1.22.2.3 
php-src/ext/openssl/xp_ssl.c:1.22.2.3.2.1
--- php-src/ext/openssl/xp_ssl.c:1.22.2.3       Sun Apr 30 23:43:40 2006
+++ php-src/ext/openssl/xp_ssl.c        Fri May 26 00:32:07 2006
@@ -16,7 +16,7 @@
   +----------------------------------------------------------------------+
 */
 
-/* $Id: xp_ssl.c,v 1.22.2.3 2006/04/30 23:43:40 wez Exp $ */
+/* $Id: xp_ssl.c,v 1.22.2.3.2.1 2006/05/26 00:32:07 pajoye Exp $ */
 
 #include "php.h"
 #include "ext/standard/file.h"
@@ -432,6 +432,7 @@
                                                                "ssl", 
"peer_certificate",
                                                                zcert);
                                                peer_cert = NULL;
+                                               efree(zcert);
                                        }
 
                                        if (SUCCESS == 
php_stream_context_get_option(
@@ -445,7 +446,7 @@
                                                chain = SSL_get_peer_cert_chain(
                                                                        
sslsock->ssl_handle);
 
-                                               if (chain) {
+                                               if (chain && sk_X509_num(chain) 
> 0) {
                                                        int i;
                                                        array_init(arr);
 
@@ -458,6 +459,8 @@
                                                                                
        php_openssl_get_x509_list_id()));
                                                                
add_next_index_zval(arr, zcert);
                                                        }
+                                                               efree(zcert);
+
                                                } else {
                                                        ZVAL_NULL(arr);
                                                }
@@ -465,6 +468,8 @@
                                                
php_stream_context_set_option(stream->context,
                                                                "ssl", 
"peer_certificate_chain",
                                                                arr);
+                                               zval_dtor(arr);
+                                               efree(arr);
                                        }
                                }
                        }

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to