diff options
| -rw-r--r-- | configure.ac | 14 | ||||
| -rw-r--r-- | ext/mysqlnd/mysqlnd_auth.c | 10 | ||||
| -rw-r--r-- | ext/mysqlnd/mysqlnd_wireprotocol.c | 7 |
3 files changed, 8 insertions, 23 deletions
diff --git a/configure.ac b/configure.ac index 501730ba47..f7fb19eff4 100644 --- a/configure.ac +++ b/configure.ac @@ -737,20 +737,6 @@ if test "$ac_cv__asm_goto" = yes; then AC_DEFINE(HAVE_ASM_GOTO,1,[Define if asm goto support]) fi -dnl Check for variable length array support. -AC_CACHE_CHECK([whether compiler supports VLA], ac_cv__compiler_c99_vla, -[AC_RUN_IFELSE([AC_LANG_SOURCE([[ - #include <stdlib.h> - int main(void) { - int i[rand()%10]; - return 0; - } - ]])],[ac_cv__compiler_c99_vla=yes], [ac_cv__compiler_c99_vla=no], [ac_cv__compiler_c99_vla=no])]) - -if test "$ac_cv__compiler_c99_vla" = yes; then - AC_DEFINE(HAVE_COMPILER_C99_VLA, 1, [Compiler supports VLA]) -fi - dnl Check valgrind support. PHP_ARG_WITH([valgrind], [whether to enable valgrind support], diff --git a/ext/mysqlnd/mysqlnd_auth.c b/ext/mysqlnd/mysqlnd_auth.c index 24c77220fc..14a65eed0d 100644 --- a/ext/mysqlnd/mysqlnd_auth.c +++ b/ext/mysqlnd/mysqlnd_auth.c @@ -806,7 +806,8 @@ mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self if (server_public_key) { int server_public_key_len; - char xor_str[passwd_len + 1]; + ALLOCA_FLAG(use_heap); + char *xor_str = do_alloca(passwd_len + 1, use_heap); memcpy(xor_str, passwd, passwd_len); xor_str[passwd_len] = '\0'; mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len); @@ -819,6 +820,7 @@ mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self */ if ((size_t) server_public_key_len - 41 <= passwd_len) { /* password message is to long */ + free_alloca(xor_str, use_heap); SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long"); DBG_ERR("password is too long"); DBG_RETURN(NULL); @@ -828,6 +830,7 @@ mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self ret = malloc(*auth_data_len); RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, ret, server_public_key, RSA_PKCS1_OAEP_PADDING); RSA_free(server_public_key); + free_alloca(xor_str, use_heap); } } @@ -1025,7 +1028,8 @@ mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn, if (server_public_key) { int server_public_key_len; - char xor_str[passwd_len + 1]; + ALLOCA_FLAG(use_heap) + char *xor_str = do_alloca(passwd_len + 1, use_heap); memcpy(xor_str, passwd, passwd_len); xor_str[passwd_len] = '\0'; mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, SCRAMBLE_LENGTH); @@ -1038,6 +1042,7 @@ mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn, */ if ((size_t) server_public_key_len - 41 <= passwd_len) { /* password message is to long */ + free_alloca(xor_str, use_heap); SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long"); DBG_ERR("password is too long"); DBG_RETURN(0); @@ -1045,6 +1050,7 @@ mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn, *crypted = emalloc(server_public_key_len); RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, *crypted, server_public_key, RSA_PKCS1_OAEP_PADDING); + free_alloca(xor_str, use_heap); DBG_RETURN(server_public_key_len); } DBG_RETURN(0); diff --git a/ext/mysqlnd/mysqlnd_wireprotocol.c b/ext/mysqlnd/mysqlnd_wireprotocol.c index ba289a6fce..b9a91c900e 100644 --- a/ext/mysqlnd/mysqlnd_wireprotocol.c +++ b/ext/mysqlnd/mysqlnd_wireprotocol.c @@ -2141,12 +2141,8 @@ size_t php_mysqlnd_cached_sha2_result_write(MYSQLND_CONN_DATA * conn, void * _pa MYSQLND_PFC * pfc = conn->protocol_frame_codec; MYSQLND_VIO * vio = conn->vio; MYSQLND_STATS * stats = conn->stats; -#if HAVE_COMPILER_C99_VLA - zend_uchar buffer[MYSQLND_HEADER_SIZE + packet->password_len + 1]; -#else ALLOCA_FLAG(use_heap) zend_uchar *buffer = do_alloca(MYSQLND_HEADER_SIZE + packet->password_len + 1, use_heap); -#endif size_t sent; DBG_ENTER("php_mysqlnd_cached_sha2_result_write"); @@ -2159,10 +2155,7 @@ size_t php_mysqlnd_cached_sha2_result_write(MYSQLND_CONN_DATA * conn, void * _pa sent = pfc->data->m.send(pfc, vio, buffer, packet->password_len, stats, error_info); } -#if !HAVE_COMPILER_C99_VLA free_alloca(buffer, use_heap); -#endif - DBG_RETURN(sent); } |