mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-11-27 11:53:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-8.2' into PHP-8.3

Browse Source 
* PHP-8.2:
  Fix memory leaks in ext/sodium on failure of some functions
This commit is contained in:
Niels Dossche 2024-05-23 22:40:54 +02:00
commit af444f97e1
No known key found for this signature in database
GPG Key ID: B8A8AD166DF0E2E5
3 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
NEWS
View File

@ -6,6 +6,9 @@ PHP NEWS
. Fixed bug GH-14267 (opcache.jit=off does not allow enabling JIT at runtime).
(ilutov)
- Sodium:
. Fix memory leaks in ext/sodium on failure of some functions. (nielsdos)
- SPL:
. Fixed bug GH-14290 (Member access within null pointer in extension spl).
(nielsdos)

7
ext/sodium/libsodium.c
View File

@ -992,6 +992,7 @@ PHP_FUNCTION(sodium_crypto_sign_publickey_from_secretkey)
if (crypto_sign_ed25519_sk_to_pk((unsigned char *) ZSTR_VAL(publickey),
(const unsigned char *) secretkey) != 0) {
zend_string_efree(publickey);
zend_throw_exception(sodium_exception_ce,
"internal error", 0);
RETURN_THROWS();
@ -2475,6 +2476,7 @@ PHP_FUNCTION(sodium_crypto_kx_seed_keypair)
crypto_generichash(sk, crypto_kx_SECRETKEYBYTES,
seed, crypto_kx_SEEDBYTES, NULL, 0);
if (crypto_scalarmult_base(pk, sk) != 0) {
zend_string_efree(keypair);
zend_throw_exception(sodium_exception_ce, "internal error", 0);
RETURN_THROWS();
}
@ -2496,6 +2498,7 @@ PHP_FUNCTION(sodium_crypto_kx_keypair)
pk = sk + crypto_kx_SECRETKEYBYTES;
randombytes_buf(sk, crypto_kx_SECRETKEYBYTES);
if (crypto_scalarmult_base(pk, sk) != 0) {
zend_string_efree(keypair);
zend_throw_exception(sodium_exception_ce, "internal error", 0);
RETURN_THROWS();
}
@ -2672,6 +2675,7 @@ PHP_FUNCTION(sodium_crypto_auth)
if (crypto_auth((unsigned char *) ZSTR_VAL(mac),
(const unsigned char *) msg, msg_len,
(const unsigned char *) key) != 0) {
zend_string_efree(mac);
zend_throw_exception(sodium_exception_ce, "internal error", 0);
RETURN_THROWS();
}
@ -2731,6 +2735,7 @@ PHP_FUNCTION(sodium_crypto_sign_ed25519_sk_to_curve25519)
if (crypto_sign_ed25519_sk_to_curve25519((unsigned char *) ZSTR_VAL(ecdhkey),
(const unsigned char *) eddsakey) != 0) {
zend_string_efree(ecdhkey);
zend_throw_exception(sodium_exception_ce, "conversion failed", 0);
RETURN_THROWS();
}
@ -2758,6 +2763,7 @@ PHP_FUNCTION(sodium_crypto_sign_ed25519_pk_to_curve25519)
if (crypto_sign_ed25519_pk_to_curve25519((unsigned char *) ZSTR_VAL(ecdhkey),
(const unsigned char *) eddsakey) != 0) {
zend_string_efree(ecdhkey);
zend_throw_exception(sodium_exception_ce, "conversion failed", 0);
RETURN_THROWS();
}
@ -3036,6 +3042,7 @@ PHP_FUNCTION(sodium_pad)
#if SODIUM_LIBRARY_VERSION_MAJOR > 9 || (SODIUM_LIBRARY_VERSION_MAJOR == 9 && SODIUM_LIBRARY_VERSION_MINOR >= 6)
if (sodium_pad(NULL, (unsigned char *) ZSTR_VAL(padded), unpadded_len,
(size_t) blocksize, xpadded_len + 1U) != 0) {
zend_string_efree(padded);
zend_throw_exception(sodium_exception_ce, "internal error", 0);
RETURN_THROWS();
}

16
ext/sodium/tests/sodium_crypto_sign_ed25519_pk_to_curve25519_failure_leak.phpt Normal file
View File

@ -0,0 +1,16 @@
--TEST--
Memory leak on sodium_crypto_sign_ed25519_pk_to_curve25519() failure
--EXTENSIONS--
sodium
--FILE--
<?php
try {
sodium_crypto_sign_ed25519_pk_to_curve25519(str_repeat("\x00", SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES));
} catch (SodiumException $e) {
echo $e->getMessage();
}
?>
--EXPECT--
conversion failed