diff options
| author | Jakub Zelenka <bukka@php.net> | 2017-01-25 19:55:05 +0000 |
|---|---|---|
| committer | Jakub Zelenka <bukka@php.net> | 2017-01-25 19:55:05 +0000 |
| commit | 519b0dc886aed287e5c3472df9c879186f5112c2 (patch) | |
| tree | 0042bbacac1d73697f28e43e62028459220a3962 | |
| parent | d0272ef1ef262ad4103586bdba468586e33b5f56 (diff) | |
| download | php-git-519b0dc886aed287e5c3472df9c879186f5112c2.tar.gz | |
Fix bug #73978 (openssl_decrypt triggers bug in PDO)
| -rw-r--r-- | NEWS | 1 | ||||
| -rw-r--r-- | ext/openssl/openssl.c | 10 |
2 files changed, 8 insertions, 3 deletions
@@ -50,6 +50,7 @@ PHP NEWS - OpenSSL: . Fixed bug #71519 (add serial hex to return value array). (xrobau) . Fixed bug #73692 (Compile ext/openssl with openssl 1.1.0 on Win). (Anatol) + . Fixed bug #73978 (openssl_decrypt triggers bug in PDO). (Jakub Zelenka) - PDO_Firebird: . Implemented FR #72583 (All data are fetched as strings). (Dorin Marcoci) diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 643ac26fd4..47a28a1111 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -6256,6 +6256,7 @@ static int php_openssl_cipher_init(const EVP_CIPHER *cipher_type, } if (!EVP_CipherInit_ex(cipher_ctx, cipher_type, NULL, NULL, NULL, enc)) { + php_openssl_store_errors(); return FAILURE; } if (php_openssl_validate_iv(piv, piv_len, max_iv_len, free_iv, cipher_ctx, mode) == FAILURE) { @@ -6271,10 +6272,11 @@ static int php_openssl_cipher_init(const EVP_CIPHER *cipher_type, return FAILURE; } } - if (password_len > key_len) { - EVP_CIPHER_CTX_set_key_length(cipher_ctx, password_len); + if (password_len > key_len && !EVP_CIPHER_CTX_set_key_length(cipher_ctx, password_len)) { + php_openssl_store_errors(); } if (!EVP_CipherInit_ex(cipher_ctx, NULL, NULL, key, (unsigned char *)*piv, enc)) { + php_openssl_store_errors(); return FAILURE; } if (options & OPENSSL_ZERO_PADDING) { @@ -6293,11 +6295,13 @@ static int php_openssl_cipher_update(const EVP_CIPHER *cipher_type, int i = 0; if (mode->is_single_run_aead && !EVP_EncryptUpdate(cipher_ctx, NULL, &i, NULL, (int)data_len)) { + php_openssl_store_errors(); php_error_docref(NULL, E_WARNING, "Setting of data length failed"); return FAILURE; } if (mode->is_aead && !EVP_CipherUpdate(cipher_ctx, NULL, &i, (unsigned char *)aad, (int)aad_len)) { + php_openssl_store_errors(); php_error_docref(NULL, E_WARNING, "Setting of additional application data failed"); return FAILURE; } @@ -6314,6 +6318,7 @@ static int php_openssl_cipher_update(const EVP_CIPHER *cipher_type, php_error_docref(NULL, E_WARNING, enc ? "Encryption failed" : "Decryption failed"); } */ + php_openssl_store_errors(); zend_string_release(*poutbuf); return FAILURE; } @@ -6363,7 +6368,6 @@ PHP_FUNCTION(openssl_encrypt) php_openssl_load_cipher_mode(&mode, cipher_type); - if (php_openssl_cipher_init(cipher_type, cipher_ctx, &mode, &password, &password_len, &free_password, &iv, &iv_len, &free_iv, NULL, tag_len, options, 1) == FAILURE || |