Skip to content

Commit a186312

Browse files
Chuan Masmalyshev
Chuan Ma
authored and
smalyshev
committed
Fix #66942: openssl_seal() memory leak
Fix #66952: memory leak in openssl_open()
1 parent 56f9727 commit a186312

File tree

2 files changed

+16
-12
lines changed

2 files changed

+16
-12
lines changed

NEWS

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,10 @@ PHP NEWS
4040
- LDAP:
4141
. Fixed issue with null bytes in LDAP bindings. (Matthew Daley)
4242

43+
- OpenSSL:
44+
. Fix bug #66942 (memory leak in openssl_seal()). (Chuan Ma)
45+
. Fix bug #66952 (memory leak in openssl_open()). (Chuan Ma)
46+
4347
- SimpleXML:
4448
. Fixed bug #66084 (simplexml_load_string() mangles empty node name)
4549
(Anatol)

ext/openssl/openssl.c

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -4321,6 +4321,7 @@ PHP_FUNCTION(openssl_seal)
43214321

43224322
if (!EVP_EncryptInit(&ctx,cipher,NULL,NULL)) {
43234323
RETVAL_FALSE;
4324+
EVP_CIPHER_CTX_cleanup(&ctx);
43244325
goto clean_exit;
43254326
}
43264327

@@ -4331,10 +4332,12 @@ PHP_FUNCTION(openssl_seal)
43314332
#endif
43324333
/* allocate one byte extra to make room for \0 */
43334334
buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx));
4335+
EVP_CIPHER_CTX_cleanup(&ctx);
43344336

43354337
if (!EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) || !EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) {
43364338
RETVAL_FALSE;
43374339
efree(buf);
4340+
EVP_CIPHER_CTX_cleanup(&ctx);
43384341
goto clean_exit;
43394342
}
43404343

@@ -4367,6 +4370,7 @@ PHP_FUNCTION(openssl_seal)
43674370
efree(buf);
43684371
}
43694372
RETVAL_LONG(len1 + len2);
4373+
EVP_CIPHER_CTX_cleanup(&ctx);
43704374

43714375
clean_exit:
43724376
for (i=0; i<nkeys; i++) {
@@ -4425,25 +4429,21 @@ PHP_FUNCTION(openssl_open)
44254429
if (EVP_OpenInit(&ctx, cipher, (unsigned char *)ekey, ekey_len, NULL, pkey) && EVP_OpenUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) {
44264430
if (!EVP_OpenFinal(&ctx, buf + len1, &len2) || (len1 + len2 == 0)) {
44274431
efree(buf);
4428-
if (keyresource == -1) {
4429-
EVP_PKEY_free(pkey);
4430-
}
4431-
RETURN_FALSE;
4432+
RETVAL_FALSE;
4433+
} else {
4434+
zval_dtor(opendata);
4435+
buf[len1 + len2] = '\0';
4436+
ZVAL_STRINGL(opendata, erealloc(buf, len1 + len2 + 1), len1 + len2, 0);
4437+
RETVAL_TRUE;
44324438
}
44334439
} else {
44344440
efree(buf);
4435-
if (keyresource == -1) {
4436-
EVP_PKEY_free(pkey);
4437-
}
4438-
RETURN_FALSE;
4441+
RETVAL_FALSE;
44394442
}
44404443
if (keyresource == -1) {
44414444
EVP_PKEY_free(pkey);
44424445
}
4443-
zval_dtor(opendata);
4444-
buf[len1 + len2] = '\0';
4445-
ZVAL_STRINGL(opendata, erealloc(buf, len1 + len2 + 1), len1 + len2, 0);
4446-
RETURN_TRUE;
4446+
EVP_CIPHER_CTX_cleanup(&ctx);
44474447
}
44484448
/* }}} */
44494449

0 commit comments

Comments
 (0)