authorJakub Zelenka <bukka@php.net>2015-08-17 18:43:02 +0100
committerJakub Zelenka <bukka@php.net>2015-08-17 18:43:02 +0100
commitc4a98e876c109ab4f80fbb4247ba11a31e037c41 (patch)
tree77dffa320a6234de98fcd869c3862b93789d20a9 /ext/openssl
parentb28758f25395ef368d0f7de9fad1973d6d44d919 (diff)
Check and use correct signature_len type for EVP_VerifyFinal
Diffstat (limited to 'ext/openssl')
-rw-r--r--ext/openssl/openssl.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index b09f17481f..1608e5d5af 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -4822,6 +4822,10 @@ PHP_FUNCTION(openssl_verify)
return;
}
+ if (UINT_MAX < signature_len) {
+ php_error_docref(NULL, E_WARNING, "signature is too long");
+ RETURN_FALSE;
+ }
if (method == NULL || Z_TYPE_P(method) == IS_LONG) {
if (method != NULL) {
signature_algo = Z_LVAL_P(method);
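Review bot: The added `UINT_MAX < signature_len` guard has no comment naming the call it protects, which is the `EVP_VerifyFinal` cast in the second hunk of this commit, roughly 25 lines further down. Without that link a later refactor could drop the check and reintroduce silent truncation of the signature length, so I would put `/* EVP_VerifyFinal() takes the length as unsigned int; reject anything the cast would truncate */` above the `if`. The declaration of `signature_len` is outside the hunk; if it is `size_t`, the comparison is constant-false on builds where `size_t` and `unsigned int` have the same width and may draw a compiler warning there. The body of `openssl_verify` starts and ends outside this hunk.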
@@ -4846,7 +4850,7 @@ PHP_FUNCTION(openssl_verify)
EVP_VerifyInit (&md_ctx, mdtype);
EVP_VerifyUpdate (&md_ctx, data, data_len);
- err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, (int)signature_len, pkey);
+ err = EVP_VerifyFinal(&md_ctx, (unsigned char *)signature, (unsigned int)signature_len, pkey);
EVP_MD_CTX_cleanup(&md_ctx);
if (keyresource == NULL) {
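Review bot: `EVP_VerifyInit` and `EVP_VerifyUpdate` are still called with their return values discarded, so `EVP_VerifyFinal` runs even when digest setup or hashing has failed. Both return 0 on failure; I would guard the final step with `if (!EVP_VerifyInit(&md_ctx, mdtype) || !EVP_VerifyUpdate(&md_ctx, data, data_len)) { err = -1; }` and call `EVP_VerifyFinal` only in the `else`, keeping `EVP_MD_CTX_cleanup` on both paths. How `err` reaches the PHP caller is outside the hunk; since `EVP_VerifyFinal` can return -1 as well as 0, it is worth confirming that only a result of exactly 1 is reported as a valid signature.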