php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-8.3' into PHP-8.4

Browse Source 
* PHP-8.3:
  Fix error return check of EVP_CIPHER_CTX_ctrl()
  Fix memleak on failure in collator_get_sort_key()
This commit is contained in:
Niels Dossche
2025-07-15 20:38:22 +02:00
parent f938f356cb cd8722304c
commit 0f731b455c
3 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@@ -2,9 +2,13 @@ PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? ????, PHP 8.4.12
- Intl:
. Fix memleak on failure in collator_get_sort_key(). (nielsdos)
- OpenSSL:
. Fixed bug GH-18986 (OpenSSL backend: incorrect RAND_{load,write}_file()
return value check). (nielsdos, botovq)
. Fix error return check of EVP_CIPHER_CTX_ctrl(). (nielsdos)
31 Jul 2025, PHP 8.4.11

1
ext/intl/collator/collator_sort.c
View File

@@ -556,6 +556,7 @@ PHP_FUNCTION( collator_get_sort_key )
key_len = ucol_getSortKey(co->ucoll, ustr, ustr_len, (uint8_t*)ZSTR_VAL(key_str), key_len);
efree( ustr );
if(!key_len) {
zend_string_efree(key_str);
RETURN_FALSE;
}
ZSTR_LEN(key_str) = key_len - 1;

8
ext/openssl/openssl.c
View File

@@ -7692,7 +7692,7 @@ static int php_openssl_validate_iv(const char **piv, size_t *piv_len, size_t iv_
char *iv_new;
if (mode->is_aead) {
if (EVP_CIPHER_CTX_ctrl(cipher_ctx, mode->aead_ivlen_flag, *piv_len, NULL) != 1) {
if (EVP_CIPHER_CTX_ctrl(cipher_ctx, mode->aead_ivlen_flag, *piv_len, NULL) <= 0) {
php_error_docref(NULL, E_WARNING, "Setting of IV length for AEAD mode failed");
return FAILURE;
}
@@ -7764,7 +7764,7 @@ static int php_openssl_cipher_init(const EVP_CIPHER *cipher_type,
return FAILURE;
}
if (mode->set_tag_length_always || (enc && mode->set_tag_length_when_encrypting)) {
if (!EVP_CIPHER_CTX_ctrl(cipher_ctx, mode->aead_set_tag_flag, tag_len, NULL)) {
if (EVP_CIPHER_CTX_ctrl(cipher_ctx, mode->aead_set_tag_flag, tag_len, NULL) <= 0) {
php_error_docref(NULL, E_WARNING, "Setting tag length for AEAD cipher failed");
return FAILURE;
}
@@ -7772,7 +7772,7 @@ static int php_openssl_cipher_init(const EVP_CIPHER *cipher_type,
if (!enc && tag && tag_len > 0) {
if (!mode->is_aead) {
php_error_docref(NULL, E_WARNING, "The tag cannot be used because the cipher algorithm does not support AEAD");
} else if (!EVP_CIPHER_CTX_ctrl(cipher_ctx, mode->aead_set_tag_flag, tag_len, (unsigned char *) tag)) {
} else if (EVP_CIPHER_CTX_ctrl(cipher_ctx, mode->aead_set_tag_flag, tag_len, (unsigned char *) tag) <= 0) {
php_error_docref(NULL, E_WARNING, "Setting tag for AEAD cipher decryption failed");
return FAILURE;
}
@@ -7910,7 +7910,7 @@ PHP_OPENSSL_API zend_string* php_openssl_encrypt(
if (mode.is_aead && tag) {
zend_string *tag_str = zend_string_alloc(tag_len, 0);
if (EVP_CIPHER_CTX_ctrl(cipher_ctx, mode.aead_get_tag_flag, tag_len, ZSTR_VAL(tag_str)) == 1) {
if (EVP_CIPHER_CTX_ctrl(cipher_ctx, mode.aead_get_tag_flag, tag_len, ZSTR_VAL(tag_str)) > 0) {
ZSTR_VAL(tag_str)[tag_len] = '\0';
ZSTR_LEN(tag_str) = tag_len;
ZEND_TRY_ASSIGN_REF_NEW_STR(tag, tag_str);