File tree Expand file tree Collapse file tree 2 files changed +15
-0
lines changed
Expand file tree Collapse file tree 2 files changed +15
-0
lines changed Original file line number Diff line number Diff line change @@ -38,6 +38,10 @@ PHP NEWS
3838
3939- OpenSSL:
4040 . Fix memory leaks when sk_X509_new_null() fails. (ndossche)
41+ . Fix crash when in openssl_x509_parse() when i2s_ASN1_INTEGER() fails.
42+ (ndossche)
43+ . Fix crash in openssl_x509_parse() when X509_NAME_oneline() fails.
44+ (ndossche)
4145
4246- Phar:
4347 . Fixed bug GH-20882 (buildFromIterator breaks with missing base directory).
Original file line number Diff line number Diff line change @@ -1030,6 +1030,11 @@ PHP_FUNCTION(openssl_x509_parse)
10301030
10311031 subject_name = X509_get_subject_name (cert );
10321032 cert_name = X509_NAME_oneline (subject_name , NULL , 0 );
1033+ if (cert_name == NULL ) {
1034+ php_openssl_store_errors ();
1035+ goto err ;
1036+ }
1037+
10331038 add_assoc_string (return_value , "name" , cert_name );
10341039 OPENSSL_free (cert_name );
10351040
@@ -1062,6 +1067,12 @@ PHP_FUNCTION(openssl_x509_parse)
10621067 }
10631068
10641069 str_serial = i2s_ASN1_INTEGER (NULL , asn1_serial );
1070+ /* Can return NULL on error or memory allocation failure */
1071+ if (!str_serial ) {
1072+ php_openssl_store_errors ();
1073+ goto err ;
1074+ }
1075+
10651076 add_assoc_string (return_value , "serialNumber" , str_serial );
10661077 OPENSSL_free (str_serial );
10671078
You can’t perform that action at this time.
0 commit comments