shm Thu, 10 Nov 2011 10:33:07 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=318987
Log:
Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
ssl_handle of session_stream is not initialized.
Changed paths:
U php/php-src/trunk/ext/openssl/xp_ssl.c
Modified: php/php-src/trunk/ext/openssl/xp_ssl.c
===================================================================
--- php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 09:43:25 UTC (rev
318986)
+++ php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 10:33:07 UTC (rev
318987)
@@ -406,6 +406,8 @@
if (cparam->inputs.session) {
if (cparam->inputs.session->ops != &php_openssl_socket_ops) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied
session stream must be an SSL enabled stream");
+ } else if
(((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle
== NULL) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied
SSL session stream is not initialized");
} else {
SSL_copy_session_id(sslsock->ssl_handle,
((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle);
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
