shm Thu, 10 Nov 2011 10:33:07 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=318987
Log: Fixed NULL pointer dereference in stream_socket_enable_crypto, case when ssl_handle of session_stream is not initialized. Changed paths: U php/php-src/trunk/ext/openssl/xp_ssl.c Modified: php/php-src/trunk/ext/openssl/xp_ssl.c =================================================================== --- php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 09:43:25 UTC (rev 318986) +++ php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 10:33:07 UTC (rev 318987) @@ -406,6 +406,8 @@ if (cparam->inputs.session) { if (cparam->inputs.session->ops != &php_openssl_socket_ops) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied session stream must be an SSL enabled stream"); + } else if (((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle == NULL) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied SSL session stream is not initialized"); } else { SSL_copy_session_id(sslsock->ssl_handle, ((php_openssl_netstream_data_t*)cparam->inputs.session->abstract)->ssl_handle); }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php