diff options
| -rw-r--r-- | ext/openssl/openssl.c | 30 | ||||
| -rw-r--r-- | ext/openssl/tests/006.phpt | 25 |
2 files changed, 43 insertions, 12 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 4f653921c1..e1f4bb56de 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -2950,8 +2950,10 @@ PHP_FUNCTION(openssl_pkey_new) OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, dmp1); OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, dmq1); OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, iqmp); - if (EVP_PKEY_assign_RSA(pkey, rsa)) { - RETURN_RESOURCE(zend_list_insert(pkey, le_key)); + if (rsa->n && rsa->d) { + if (EVP_PKEY_assign_RSA(pkey, rsa)) { + RETURN_RESOURCE(zend_list_insert(pkey, le_key)); + } } RSA_free(rsa); } @@ -2969,11 +2971,13 @@ PHP_FUNCTION(openssl_pkey_new) OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, g); OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, priv_key); OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, pub_key); - if (!dsa->priv_key && !dsa->pub_key) { - DSA_generate_key(dsa); - } - if (EVP_PKEY_assign_DSA(pkey, dsa)) { - RETURN_RESOURCE(zend_list_insert(pkey, le_key)); + if (dsa->p && dsa->q && dsa->g) { + if (!dsa->priv_key && !dsa->pub_key) { + DSA_generate_key(dsa); + } + if (EVP_PKEY_assign_DSA(pkey, dsa)) { + RETURN_RESOURCE(zend_list_insert(pkey, le_key)); + } } DSA_free(dsa); } @@ -2990,11 +2994,13 @@ PHP_FUNCTION(openssl_pkey_new) OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, g); OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, priv_key); OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, pub_key); - if (!dh->pub_key) { - DH_generate_key(dh); - } - if (EVP_PKEY_assign_DH(pkey, dh)) { - RETURN_RESOURCE(zend_list_insert(pkey, le_key)); + if (dh->p && dh->g) { + if (!dh->pub_key) { + DH_generate_key(dh); + } + if (EVP_PKEY_assign_DH(pkey, dh)) { + RETURN_RESOURCE(zend_list_insert(pkey, le_key)); + } } DH_free(dh); } diff --git a/ext/openssl/tests/006.phpt b/ext/openssl/tests/006.phpt new file mode 100644 index 0000000000..9db87ffd06 --- /dev/null +++ b/ext/openssl/tests/006.phpt @@ -0,0 +1,25 @@ +--TEST-- +openssl_pkey_new() with an empty sub-array arg generates a malformed resource +--SKIPIF-- +<?php if (!extension_loaded("openssl")) print "skip"; ?> +--FILE-- +<?php +/* openssl_pkey_get_details() segfaults when getting the information + from openssl_pkey_new() with an empty sub-array arg */ + +$rsa = array(b"rsa" => array()); +$dsa = array(b"dsa" => array()); +$dh = array(b"dh" => array()); + +openssl_pkey_get_details(openssl_pkey_new($rsa)); +openssl_pkey_get_details(openssl_pkey_new($dsa)); +openssl_pkey_get_details(openssl_pkey_new($dh)); +?> +--EXPECTF-- + +Warning: openssl_pkey_get_details() expects parameter 1 to be resource, boolean given in %s on line %d + +Warning: openssl_pkey_get_details() expects parameter 1 to be resource, boolean given in %s on line %d + +Warning: openssl_pkey_get_details() expects parameter 1 to be resource, boolean given in %s on line %d + |