Skip to content

Commit 62afc7a

Browse files
ndosschendossche
committed
Fix crash in openssl_x509_parse() when X509_NAME_oneline() fails
The X509_NAME_oneline() function can return NULL, which will cause a crash when the string length is computed via add_assoc_string(). Closes GH-21010.
1 parent c2eadb4 commit 62afc7a

File tree

2 files changed

+7
-0
lines changed

2 files changed

+7
-0
lines changed

NEWS

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,8 @@ PHP NEWS
3434
. Fix memory leaks when sk_X509_new_null() fails. (ndossche)
3535
. Fix crash when in openssl_x509_parse() when i2s_ASN1_INTEGER() fails.
3636
(ndossche)
37+
. Fix crash in openssl_x509_parse() when X509_NAME_oneline() fails.
38+
(ndossche)
3739

3840
- Phar:
3941
. Fixed bug GH-20882 (buildFromIterator breaks with missing base directory).

ext/openssl/openssl.c

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2134,6 +2134,11 @@ PHP_FUNCTION(openssl_x509_parse)
21342134

21352135
subject_name = X509_get_subject_name(cert);
21362136
cert_name = X509_NAME_oneline(subject_name, NULL, 0);
2137+
if (cert_name == NULL) {
2138+
php_openssl_store_errors();
2139+
goto err;
2140+
}
2141+
21372142
add_assoc_string(return_value, "name", cert_name);
21382143
OPENSSL_free(cert_name);
21392144

0 commit comments

Comments
 (0)