php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-8.2' into PHP-8.3

Browse Source 
* PHP-8.2:
  Fix potential NULL pointer dereference before calling EVP_SignInit
This commit is contained in:
Niels Dossche
2024-04-08 19:31:13 +02:00
parent f52b2a9cdc 6f8bda0582
commit 07fe3b2920
2 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS
View File

@@ -30,6 +30,7 @@ PHP NEWS
filename causes a NULL pointer dereference). (nielsdos)
. Fixed bug GH-13833 (Applying zero offset to null pointer in zend_hash.c).
(nielsdos)
. Fix potential NULL pointer dereference before calling EVP_SignInit. (icy17)
- PHPDBG:
. Fixed bug GH-13827 (Null pointer access of type 'zval' in phpdbg_frame).

7
ext/phar/util.c
View File

@@ -1890,6 +1890,13 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
}
md_ctx = EVP_MD_CTX_create();
if (md_ctx == NULL) {
EVP_PKEY_free(key);
if (error) {
spprintf(error, 0, "unable to initialize openssl signature for phar \"%s\"", phar->fname);
}
return FAILURE;
}
siglen = EVP_PKEY_size(key);
sigbuf = emalloc(siglen + 1);