pajoye Sat Jul 29 22:10:49 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/openssl openssl.c
Log:
- fix leak when the key is not a valid key (like false or an array)
http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5&r2=1.98.2.5.2.1&diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.98.2.5
php-src/ext/openssl/openssl.c:1.98.2.5.2.1
--- php-src/ext/openssl/openssl.c:1.98.2.5 Sun Apr 30 23:43:40 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 22:10:49 2006
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: openssl.c,v 1.98.2.5 2006/04/30 23:43:40 wez Exp $ */
+/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -577,6 +577,30 @@
}
return SUCCESS;
}
+
+static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
+ EVP_MD *mdtype;
+
+ switch (algo) {
+ case OPENSSL_ALGO_SHA1:
+ mdtype = (EVP_MD *) EVP_sha1();
+ break;
+ case OPENSSL_ALGO_MD5:
+ mdtype = (EVP_MD *) EVP_md5();
+ break;
+ case OPENSSL_ALGO_MD4:
+ mdtype = (EVP_MD *) EVP_md4();
+ break;
+ case OPENSSL_ALGO_MD2:
+ mdtype = (EVP_MD *) EVP_md2();
+ break;
+ default:
+ return NULL;
+ break;
+ }
+ return mdtype;
+}
+/* }}} */
/* }}} */
/* {{{ PHP_MINIT_FUNCTION
@@ -1812,6 +1836,9 @@
return NULL;
} else {
/* force it to be a string and check if it refers to a file */
+ if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) {
+ return NULL;
+ }
convert_to_string_ex(val);
if (Z_STRLEN_PP(val) > 7 && memcmp(Z_STRVAL_PP(val), "file://",
sizeof("file://") - 1) == 0) {
@@ -2872,7 +2899,7 @@
}
/* }}} */
-/* {{{ proto bool openssl_sign(string data, &string signature, mixed key)
+/* {{{ proto bool openssl_sign(string data, &string signature, mixed key[, int
signature_alg])
Signs data */
PHP_FUNCTION(openssl_sign)
{
@@ -2896,23 +2923,10 @@
RETURN_FALSE;
}
- switch (signature_algo) {
- case OPENSSL_ALGO_SHA1:
- mdtype = (EVP_MD *) EVP_sha1();
- break;
- case OPENSSL_ALGO_MD5:
- mdtype = (EVP_MD *) EVP_md5();
- break;
- case OPENSSL_ALGO_MD4:
- mdtype = (EVP_MD *) EVP_md4();
- break;
- case OPENSSL_ALGO_MD2:
- mdtype = (EVP_MD *) EVP_md2();
- break;
- default:
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown
signature algorithm.");
- RETURN_FALSE;
- break;
+ mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+ if (!mdtype) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature
algorithm.");
+ RETURN_FALSE;
}
siglen = EVP_PKEY_size(pkey);
@@ -2943,21 +2957,29 @@
EVP_PKEY *pkey;
int err;
EVP_MD_CTX md_ctx;
+ EVP_MD *mdtype;
long keyresource = -1;
char * data; int data_len;
char * signature; int signature_len;
-
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz", &data,
&data_len, &signature, &signature_len, &key) == FAILURE) {
+ long signature_algo = OPENSSL_ALGO_SHA1;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz|l", &data,
&data_len, &signature, &signature_len, &key, &signature_algo) == FAILURE) {
return;
}
-
+
+ mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+ if (!mdtype) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature
algorithm.");
+ RETURN_FALSE;
+ }
+
pkey = php_openssl_evp_from_zval(&key, 1, NULL, 0, &keyresource
TSRMLS_CC);
if (pkey == NULL) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied key param
cannot be coerced into a public key");
RETURN_FALSE;
}
- EVP_VerifyInit (&md_ctx, EVP_sha1());
+ EVP_VerifyInit (&md_ctx, mdtype);
EVP_VerifyUpdate (&md_ctx, data, data_len);
err = EVP_VerifyFinal (&md_ctx, signature, signature_len, pkey);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
