Commit: 7b0107cc5d3d90655957680ef9cf916dce6875a7 Author: Stanislav Malyshev <s...@php.net> Sun, 17 Feb 2013 13:28:42 -0800 Parents: 92b1cb3ca0b4a62c33a6a15b0e50762cac67fc5d Branches: PHP-5.4 PHP-5.5 master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=7b0107cc5d3d90655957680ef9cf916dce6875a7 Log: fix bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey() Bugs: https://bugs.php.net/61930 Changed paths: M NEWS M ext/openssl/openssl.c A ext/openssl/tests/bug61930.phpt Diff: diff --git a/NEWS b/NEWS index 37c1332..bedc6a4 100644 --- a/NEWS +++ b/NEWS @@ -12,6 +12,10 @@ PHP NEWS - Mbstring: . mb_split() can now handle empty matches like preg_split() does. (Moriyoshi) +- OpenSSL: + . Fixed bug #61930 (openssl corrupts ssl key resource when using + openssl_get_publickey()). (Stas) + - SPL: . Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS). (patch by kr...@krizalys.com, Laruence) diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 328c1ee..d7ac117 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -3204,6 +3204,7 @@ PHP_FUNCTION(openssl_pkey_get_public) if (pkey == NULL) { RETURN_FALSE; } + zend_list_addref(Z_LVAL_P(return_value)); } /* }}} */ @@ -3240,6 +3241,7 @@ PHP_FUNCTION(openssl_pkey_get_private) if (pkey == NULL) { RETURN_FALSE; } + zend_list_addref(Z_LVAL_P(return_value)); } /* }}} */ diff --git a/ext/openssl/tests/bug61930.phpt b/ext/openssl/tests/bug61930.phpt new file mode 100644 index 0000000..55dc42f --- /dev/null +++ b/ext/openssl/tests/bug61930.phpt @@ -0,0 +1,24 @@ +--TEST-- +Bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey() +--SKIPIF-- +<?php +if (!extension_loaded("openssl")) die("skip"); +?> +--FILE-- +<?php +$cert = file_get_contents(__DIR__.'/cert.crt'); + +$data = <<<DATA +Please verify me +DATA; + +$sig = 'f9Gyb6NV/ENn7GUa37ygTLcF93XHf5fbFTnoYF/O+fXbq3iChGUbET0RuhOsptlAODi6JsDLnJO4ikcVZo0tC1fFTj3LyCuPy3ZdgJbbVxQ/rviROCmuMFTqUW/Xa2LQYiapeCCgLQeWTLg7TM/BoHEkKbKLG/XT5jHvep1758A='; + +$key = openssl_get_publickey($cert); +var_dump(openssl_get_publickey($key)); +var_dump(openssl_verify($data, base64_decode($sig), $key)); +?> +--EXPECTF-- +resource(%d) of type (OpenSSL key) +int(1) + -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php