[PHP-DEV] A patch for Bug #61124

Kiyoto Tamura Sun, 19 Feb 2012 01:14:56 -0800

I propose the following patch to prevent segfault for openssl_decrypt as 
detailed in https://bugs.php.net/bug.php?id=61124


Index: ext/openssl/openssl.c
===================================================================
--- ext/openssl/openssl.c       (revision 323312)
+++ ext/openssl/openssl.c       (working copy)
@@ -4801,6 +4801,10 @@
                base64_str = (char*)php_base64_decode((unsigned char*)data, 
data_len, &base64_str_len);
                data_len = base64_str_len;
                data = base64_str;
+               if (data == NULL) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to 
decode the base64 input");
+                       RETURN_FALSE;
+               }
        }
 
        keylen = EVP_CIPHER_key_length(cipher_type);

Feedback is appreciated. Thanks!

Kiyoto
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DEV] A patch for Bug #61124

Reply via email to