Commit:    7b0107cc5d3d90655957680ef9cf916dce6875a7
Author:    Stanislav Malyshev <s...@php.net>         Sun, 17 Feb 2013 13:28:42 
-0800
Parents:   92b1cb3ca0b4a62c33a6a15b0e50762cac67fc5d
Branches:  PHP-5.4 PHP-5.5 master

Link:       
http://git.php.net/?p=php-src.git;a=commitdiff;h=7b0107cc5d3d90655957680ef9cf916dce6875a7

Log:
fix bug #61930: openssl corrupts ssl key resource when using 
openssl_get_publickey()

Bugs:
https://bugs.php.net/61930

Changed paths:
  M  NEWS
  M  ext/openssl/openssl.c
  A  ext/openssl/tests/bug61930.phpt


Diff:
diff --git a/NEWS b/NEWS
index 37c1332..bedc6a4 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,10 @@ PHP                                                          
              NEWS
 - Mbstring:
   . mb_split() can now handle empty matches like preg_split() does. (Moriyoshi)
 
+- OpenSSL:
+  . Fixed bug #61930 (openssl corrupts ssl key resource when using 
+    openssl_get_publickey()). (Stas)
+
 - SPL:
   . Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS).
     (patch by kr...@krizalys.com, Laruence)
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 328c1ee..d7ac117 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -3204,6 +3204,7 @@ PHP_FUNCTION(openssl_pkey_get_public)
        if (pkey == NULL) {
                RETURN_FALSE;
        }
+       zend_list_addref(Z_LVAL_P(return_value));
 }
 /* }}} */
 
@@ -3240,6 +3241,7 @@ PHP_FUNCTION(openssl_pkey_get_private)
        if (pkey == NULL) {
                RETURN_FALSE;
        }
+       zend_list_addref(Z_LVAL_P(return_value));
 }
 
 /* }}} */
diff --git a/ext/openssl/tests/bug61930.phpt b/ext/openssl/tests/bug61930.phpt
new file mode 100644
index 0000000..55dc42f
--- /dev/null
+++ b/ext/openssl/tests/bug61930.phpt
@@ -0,0 +1,24 @@
+--TEST--
+Bug #61930: openssl corrupts ssl key resource when using 
openssl_get_publickey()
+--SKIPIF--
+<?php
+if (!extension_loaded("openssl")) die("skip");
+?>
+--FILE--
+<?php
+$cert = file_get_contents(__DIR__.'/cert.crt');
+
+$data = <<<DATA
+Please verify me
+DATA;
+
+$sig = 
'f9Gyb6NV/ENn7GUa37ygTLcF93XHf5fbFTnoYF/O+fXbq3iChGUbET0RuhOsptlAODi6JsDLnJO4ikcVZo0tC1fFTj3LyCuPy3ZdgJbbVxQ/rviROCmuMFTqUW/Xa2LQYiapeCCgLQeWTLg7TM/BoHEkKbKLG/XT5jHvep1758A=';
+
+$key = openssl_get_publickey($cert);
+var_dump(openssl_get_publickey($key));
+var_dump(openssl_verify($data, base64_decode($sig), $key));
+?>
+--EXPECTF--
+resource(%d) of type (OpenSSL key)
+int(1)
+


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to