pajoye Sat Jul 29 22:10:49 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/openssl openssl.c Log: - fix leak when the key is not a valid key (like false or an array) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.98.2.5&r2=1.98.2.5.2.1&diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.98.2.5 php-src/ext/openssl/openssl.c:1.98.2.5.2.1 --- php-src/ext/openssl/openssl.c:1.98.2.5 Sun Apr 30 23:43:40 2006 +++ php-src/ext/openssl/openssl.c Sat Jul 29 22:10:49 2006 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: openssl.c,v 1.98.2.5 2006/04/30 23:43:40 wez Exp $ */ +/* $Id: openssl.c,v 1.98.2.5.2.1 2006/07/29 22:10:49 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -577,6 +577,30 @@ } return SUCCESS; } + +static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */ + EVP_MD *mdtype; + + switch (algo) { + case OPENSSL_ALGO_SHA1: + mdtype = (EVP_MD *) EVP_sha1(); + break; + case OPENSSL_ALGO_MD5: + mdtype = (EVP_MD *) EVP_md5(); + break; + case OPENSSL_ALGO_MD4: + mdtype = (EVP_MD *) EVP_md4(); + break; + case OPENSSL_ALGO_MD2: + mdtype = (EVP_MD *) EVP_md2(); + break; + default: + return NULL; + break; + } + return mdtype; +} +/* }}} */ /* }}} */ /* {{{ PHP_MINIT_FUNCTION @@ -1812,6 +1836,9 @@ return NULL; } else { /* force it to be a string and check if it refers to a file */ + if (Z_TYPE_PP(val) == IS_LONG || Z_TYPE_PP(val) == IS_BOOL) { + return NULL; + } convert_to_string_ex(val); if (Z_STRLEN_PP(val) > 7 && memcmp(Z_STRVAL_PP(val), "file://", sizeof("file://") - 1) == 0) { @@ -2872,7 +2899,7 @@ } /* }}} */ -/* {{{ proto bool openssl_sign(string data, &string signature, mixed key) +/* {{{ proto bool openssl_sign(string data, &string signature, mixed key[, int signature_alg]) Signs data */ PHP_FUNCTION(openssl_sign) { @@ -2896,23 +2923,10 @@ RETURN_FALSE; } - switch (signature_algo) { - case OPENSSL_ALGO_SHA1: - mdtype = (EVP_MD *) EVP_sha1(); - break; - case OPENSSL_ALGO_MD5: - mdtype = (EVP_MD *) EVP_md5(); - break; - case OPENSSL_ALGO_MD4: - mdtype = (EVP_MD *) EVP_md4(); - break; - case OPENSSL_ALGO_MD2: - mdtype = (EVP_MD *) EVP_md2(); - break; - default: - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm."); - RETURN_FALSE; - break; + mdtype = php_openssl_get_evp_md_from_algo(signature_algo); + if (!mdtype) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm."); + RETURN_FALSE; } siglen = EVP_PKEY_size(pkey); @@ -2943,21 +2957,29 @@ EVP_PKEY *pkey; int err; EVP_MD_CTX md_ctx; + EVP_MD *mdtype; long keyresource = -1; char * data; int data_len; char * signature; int signature_len; - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz", &data, &data_len, &signature, &signature_len, &key) == FAILURE) { + long signature_algo = OPENSSL_ALGO_SHA1; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz|l", &data, &data_len, &signature, &signature_len, &key, &signature_algo) == FAILURE) { return; } - + + mdtype = php_openssl_get_evp_md_from_algo(signature_algo); + if (!mdtype) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm."); + RETURN_FALSE; + } + pkey = php_openssl_evp_from_zval(&key, 1, NULL, 0, &keyresource TSRMLS_CC); if (pkey == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied key param cannot be coerced into a public key"); RETURN_FALSE; } - EVP_VerifyInit (&md_ctx, EVP_sha1()); + EVP_VerifyInit (&md_ctx, mdtype); EVP_VerifyUpdate (&md_ctx, data, data_len); err = EVP_VerifyFinal (&md_ctx, signature, signature_len, pkey);
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php