diff options
| -rw-r--r-- | ext/openssl/openssl.c | 15 | ||||
| -rw-r--r-- | ext/openssl/tests/bug72165.phpt | 6 |
2 files changed, 10 insertions, 11 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 44b3fa4985..07f41ce8b9 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -2764,18 +2764,17 @@ static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, z } } if (attribs) { - zend_long numindex; - ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(attribs), numindex, strindex, item) { + ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(attribs), strindex, item) { int nid; - convert_to_string_ex(item); if (NULL == strindex) { - char tmp[ZEND_LTOA_BUF_LEN]; - ZEND_LTOA(numindex, tmp, ZEND_LTOA_BUF_LEN); - nid = OBJ_txt2nid(tmp); - } else { - nid = OBJ_txt2nid(ZSTR_VAL(strindex)); + php_error_docref(NULL, E_WARNING, "dn: numeric fild names are not supported"); + continue; } + + convert_to_string_ex(item); + + nid = OBJ_txt2nid(ZSTR_VAL(strindex)); if (nid != NID_undef) { if (!X509_NAME_add_entry_by_NID(subj, nid, MBSTRING_UTF8, (unsigned char*)Z_STRVAL_P(item), -1, -1, 0)) { php_error_docref(NULL, E_WARNING, "attribs: add_entry_by_NID %d -> %s (failed)", nid, Z_STRVAL_P(item)); diff --git a/ext/openssl/tests/bug72165.phpt b/ext/openssl/tests/bug72165.phpt index c7e0d1a7c6..93b3c3d4a8 100644 --- a/ext/openssl/tests/bug72165.phpt +++ b/ext/openssl/tests/bug72165.phpt @@ -1,8 +1,8 @@ --TEST-- Bug #72165 Null pointer dereference - openssl_csr_new --SKIPIF-- -<?php -if (!extension_loaded("openssl")) die("skip"); +<?php +if (!extension_loaded("openssl")) die("skip"); ?> --FILE-- <?php @@ -11,7 +11,7 @@ $var2 = openssl_csr_new(array(0),$var0,null,array(0)); ?> ==DONE== --EXPECTF-- -Warning: openssl_csr_new(): dn: is not a recognized name in %sbug72165.php on line %d +Warning: openssl_csr_new(): dn: numeric fild names are not supported in %sbug72165.php on line %d Warning: openssl_csr_new(): add1_attr_by_txt challengePassword_min -> 4 (failed; check error queue and value of string_mask OpenSSL option if illegal characters are reported) in %sbug72165.php on line %d ==DONE== |