Edit report at https://bugs.php.net/bug.php?id=60895&edit=1
ID: 60895
Updated by: paj...@php.net
Reported by: root at ihack dot net
Summary: null pointer dereference in
php_win32_free_rng_lock()
-Status: Open
+Status: Closed
Type: Bug
Package: Unknown/Other Function
Operating System: Windows Server 2008 R2 x64
PHP Version: 5.3.9
-Assigned To:
+Assigned To: pajoye
Block user comment: N
Private report: N
New Comment:
This bug has been fixed in SVN.
Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
For Windows:
http://windows.php.net/snapshots/
Thank you for the report, and for helping us make PHP better.
Previous Comments:
------------------------------------------------------------------------
[2012-01-27 10:56:31] paj...@php.net
Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&revision=322843
Log: - fix #60895, possible invalid handler usage
------------------------------------------------------------------------
[2012-01-26 19:47:22] root at ihack dot net
BTW, this bug was introduced in revision 312201, during the 5.3.7 release cycle.
------------------------------------------------------------------------
[2012-01-26 19:45:21] root at ihack dot net
Description:
------------
If php_win32_get_random_bytes() has never been called, then this line of code:
+ CryptReleaseContext(hCryptProv, 0);
passes a null pointer, resulting in a C0000005 exception in
CryptReleaseContext(). This line should be preceded by:
if (has_crypto_ctx)
This was specifically tested with the windows.php.net 32-bit TS build running
on
64-bit Windows. I do not know how it behaves in other configurations.
Test script:
---------------
I do not have a short test case, but the bug is pretty obvious.
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=60895&edit=1
