diff options
author | Anatol Belski <ab@php.net> | 2016-05-06 09:30:41 +0200 |
---|---|---|
committer | Anatol Belski <ab@php.net> | 2016-05-06 09:30:41 +0200 |
commit | 5afba67bfea2486c8df0edf20677a809c1062252 (patch) | |
tree | b7514dd09ac2140f7d7e4f5094e3f8b7f3822a4b | |
parent | dd5479ea4c0f6b3dcb57af2b877e6b4bb2a0b319 (diff) | |
download | php-git-5afba67bfea2486c8df0edf20677a809c1062252.tar.gz |
Re-fix #72165
Reverted previous wrong patch, throw warning for numeric keys.
Numeric field names are not supported, see "distinguished name"
section here https://www.openssl.org/docs/manmaster/apps/req.html
-rw-r--r-- | ext/openssl/openssl.c | 5 | ||||
-rw-r--r-- | ext/openssl/tests/bug72165.phpt | 17 |
2 files changed, 22 insertions, 0 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 4a096f779a..07f41ce8b9 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -2767,6 +2767,11 @@ static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, z ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(attribs), strindex, item) { int nid; + if (NULL == strindex) { + php_error_docref(NULL, E_WARNING, "dn: numeric fild names are not supported"); + continue; + } + convert_to_string_ex(item); nid = OBJ_txt2nid(ZSTR_VAL(strindex)); diff --git a/ext/openssl/tests/bug72165.phpt b/ext/openssl/tests/bug72165.phpt new file mode 100644 index 0000000000..93b3c3d4a8 --- /dev/null +++ b/ext/openssl/tests/bug72165.phpt @@ -0,0 +1,17 @@ +--TEST-- +Bug #72165 Null pointer dereference - openssl_csr_new +--SKIPIF-- +<?php +if (!extension_loaded("openssl")) die("skip"); +?> +--FILE-- +<?php +$var0 = array(0 => "hello", 1 => "world"); +$var2 = openssl_csr_new(array(0),$var0,null,array(0)); +?> +==DONE== +--EXPECTF-- +Warning: openssl_csr_new(): dn: numeric fild names are not supported in %sbug72165.php on line %d + +Warning: openssl_csr_new(): add1_attr_by_txt challengePassword_min -> 4 (failed; check error queue and value of string_mask OpenSSL option if illegal characters are reported) in %sbug72165.php on line %d +==DONE== |