clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-21 18:07:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://git.php.net/repository/php-src

Browse Source
This commit is contained in:
Xinchen Hui 2015-01-30 22:11:50 +08:00
commit 35c5855201
5 changed files with 143 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ext/date/php_date.c
View File

@ -1441,7 +1441,7 @@ PHPAPI zend_long php_parse_date(char *string, zend_long *now)
Convert string representation of date and time to a timestamp */
PHP_FUNCTION(strtotime)
{
char *times, *initial_ts;
char *times;
size_t time_len;
int error1, error2;
struct timelib_error_container *error;

2
ext/intl/calendar/calendar_methods.cpp
View File

@ -1246,7 +1246,7 @@ U_CFUNC PHP_FUNCTION(intlcal_to_date_time)
int64_t ts;
char ts_str[sizeof("@-9223372036854775808")];
int ts_str_len;
zval ts_tmp, ts_zval, tmp;
zval ts_zval, tmp;
INTL_METHOD_CHECK_STATUS(co, "Call to ICU method has failed");

179
ext/openssl/openssl.c
View File

@ -845,13 +845,30 @@ static int add_oid_section(struct php_x509_request * req) /* {{{ */
#define SET_OPTIONAL_LONG_ARG(key, varname, defval) \
if (optional_args && (item = zend_hash_str_find(Z_ARRVAL_P(optional_args), key, sizeof(key)-1)) != NULL && Z_TYPE_P(item) == IS_LONG) \
varname = Z_LVAL_P(item); \
varname = (int)Z_LVAL_P(item); \
else \
varname = defval
static const EVP_CIPHER * php_openssl_get_evp_cipher_from_algo(zend_long algo);
int openssl_spki_cleanup(const char *src, char *dest);
/* {{{ strip line endings from spkac */
static int openssl_spki_cleanup(const char *src, char *dest)
{
int removed=0;
while (*src) {
if (*src!='\n'&&*src!='\r') {
*dest++=*src;
} else {
++removed;
}
++src;
}
*dest=0;
return removed;
}
/* }}} */
static int php_openssl_parse_config(struct php_x509_request * req, zval * optional_args) /* {{{ */
{
@ -1377,7 +1394,7 @@ static X509 * php_openssl_x509_from_zval(zval * val, int makeresource, zend_reso
} else {
BIO *in;
in = BIO_new_mem_buf(Z_STRVAL_P(val), Z_STRLEN_P(val));
in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val));
if (in == NULL) {
return NULL;
}
@ -1493,7 +1510,10 @@ PHP_FUNCTION(openssl_spki_new)
}
if (challenge) {
ASN1_STRING_set(spki->spkac->challenge, challenge, challenge_len);
if (!ASN1_STRING_set(spki->spkac->challenge, challenge, (int)challenge_len)) {
php_error_docref(NULL, E_WARNING, "Unable to set challenge data");
goto cleanup;
}
}
if (!NETSCAPE_SPKI_set_pubkey(spki, pkey)) {
@ -1546,7 +1566,7 @@ cleanup:
PHP_FUNCTION(openssl_spki_verify)
{
size_t spkstr_len;
int i = 0;
int i = 0, spkstr_cleaned_len = 0;
char *spkstr = NULL, * spkstr_cleaned = NULL;
EVP_PKEY *pkey = NULL;
@ -1563,14 +1583,14 @@ PHP_FUNCTION(openssl_spki_verify)
}
spkstr_cleaned = emalloc(spkstr_len + 1);
openssl_spki_cleanup(spkstr, spkstr_cleaned);
spkstr_cleaned_len = (int)(spkstr_len - openssl_spki_cleanup(spkstr, spkstr_cleaned));
if (strlen(spkstr_cleaned)<=0) {
if (spkstr_cleaned_len == 0) {
php_error_docref(NULL, E_WARNING, "Invalid SPKAC");
goto cleanup;
}
spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned));
spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, spkstr_cleaned_len);
if (spki == NULL) {
php_error_docref(NULL, E_WARNING, "Unable to decode supplied SPKAC");
goto cleanup;
@ -1608,6 +1628,7 @@ PHP_FUNCTION(openssl_spki_export)
{
size_t spkstr_len;
char *spkstr = NULL, * spkstr_cleaned = NULL, * s = NULL;
int spkstr_cleaned_len;
EVP_PKEY *pkey = NULL;
NETSCAPE_SPKI *spki = NULL;
@ -1624,9 +1645,14 @@ PHP_FUNCTION(openssl_spki_export)
}
spkstr_cleaned = emalloc(spkstr_len + 1);
openssl_spki_cleanup(spkstr, spkstr_cleaned);
spkstr_cleaned_len = (int)(spkstr_len - openssl_spki_cleanup(spkstr, spkstr_cleaned));
spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned));
if (spkstr_cleaned_len == 0) {
php_error_docref(NULL, E_WARNING, "Invalid SPKAC");
goto cleanup;
}
spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, spkstr_cleaned_len);
if (spki == NULL) {
php_error_docref(NULL, E_WARNING, "Unable to decode supplied SPKAC");
goto cleanup;
@ -1668,6 +1694,7 @@ PHP_FUNCTION(openssl_spki_export_challenge)
{
size_t spkstr_len;
char *spkstr = NULL, * spkstr_cleaned = NULL;
int spkstr_cleaned_len;
NETSCAPE_SPKI *spki = NULL;
@ -1682,9 +1709,14 @@ PHP_FUNCTION(openssl_spki_export_challenge)
}
spkstr_cleaned = emalloc(spkstr_len + 1);
openssl_spki_cleanup(spkstr, spkstr_cleaned);
spkstr_cleaned_len = (int)(spkstr_len - openssl_spki_cleanup(spkstr, spkstr_cleaned));
spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned));
if (spkstr_cleaned_len == 0) {
php_error_docref(NULL, E_WARNING, "Invalid SPKAC");
goto cleanup;
}
spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, spkstr_cleaned_len);
if (spki == NULL) {
php_error_docref(NULL, E_WARNING, "Unable to decode SPKAC");
goto cleanup;
@ -1700,24 +1732,6 @@ cleanup:
}
/* }}} */
/* {{{ strip line endings from spkac */
int openssl_spki_cleanup(const char *src, char *dest)
{
int removed=0;
while (*src) {
if (*src!='\n'&&*src!='\r') {
*dest++=*src;
} else {
++removed;
}
++src;
}
*dest=0;
return removed;
}
/* }}} */
/* {{{ proto bool openssl_x509_export(mixed x509, string &out [, bool notext = true])
Exports a CERT to file or a var */
PHP_FUNCTION(openssl_x509_export)
@ -2162,7 +2176,7 @@ PHP_FUNCTION(openssl_x509_checkpurpose)
goto clean_exit;
}
ret = check_cert(cainfo, cert, untrustedchain, purpose);
ret = check_cert(cainfo, cert, untrustedchain, (int)purpose);
if (ret != 0 && ret != 1) {
RETVAL_LONG(ret);
} else {
@ -2519,7 +2533,7 @@ PHP_FUNCTION(openssl_pkcs12_read)
bio_in = BIO_new(BIO_s_mem());
if(!BIO_write(bio_in, zp12, zp12_len))
if(0 >= BIO_write(bio_in, zp12, (int)zp12_len))
goto cleanup;
if(d2i_PKCS12_bio(bio_in, &p12)) {
@ -2660,7 +2674,7 @@ static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, z
v = sk_CONF_VALUE_value(dn_sk, i);
type = v->name;
len = strlen(type);
len = (int)strlen(type);
if (len < sizeof("_default")) {
continue;
}
@ -2776,7 +2790,7 @@ static X509_REQ * php_openssl_csr_from_zval(zval * val, int makeresource, zend_r
}
in = BIO_new_file(filename, "r");
} else {
in = BIO_new_mem_buf(Z_STRVAL_P(val), Z_STRLEN_P(val));
in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val));
}
csr = PEM_read_bio_X509_REQ(in, NULL,NULL,NULL);
BIO_free(in);
@ -2950,7 +2964,7 @@ PHP_FUNCTION(openssl_csr_sign)
goto cleanup;
ASN1_INTEGER_set(X509_get_serialNumber(new_cert), serial);
ASN1_INTEGER_set(X509_get_serialNumber(new_cert), (long)serial);
X509_set_subject_name(new_cert, X509_REQ_get_subject_name(csr));
@ -2961,7 +2975,7 @@ PHP_FUNCTION(openssl_csr_sign)
goto cleanup;
}
X509_gmtime_adj(X509_get_notBefore(new_cert), 0);
X509_gmtime_adj(X509_get_notAfter(new_cert), (long)60*60*24*num_days);
X509_gmtime_adj(X509_get_notAfter(new_cert), 60*60*24*(long)num_days);
i = X509_set_pubkey(new_cert, key);
if (!i) {
goto cleanup;
@ -3274,7 +3288,7 @@ static EVP_PKEY * php_openssl_evp_from_zval(zval * val, int public_key, char * p
if (filename) {
in = BIO_new_file(filename, "r");
} else {
in = BIO_new_mem_buf(Z_STRVAL_P(val), Z_STRLEN_P(val));
in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val));
}
if (in == NULL) {
TMP_CLEAN;
@ -3292,7 +3306,7 @@ static EVP_PKEY * php_openssl_evp_from_zval(zval * val, int public_key, char * p
}
in = BIO_new_file(filename, "r");
} else {
in = BIO_new_mem_buf(Z_STRVAL_P(val), Z_STRLEN_P(val));
in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val));
}
if (in == NULL) {
@ -3468,7 +3482,7 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey)
Z_TYPE_P(bn) == IS_STRING) { \
_type->_name = BN_bin2bn( \
(unsigned char*)Z_STRVAL_P(bn), \
Z_STRLEN_P(bn), NULL); \
(int)Z_STRLEN_P(bn), NULL); \
} \
} while (0);
@ -3631,11 +3645,11 @@ PHP_FUNCTION(openssl_pkey_export_to_file)
switch (EVP_PKEY_type(key->type)) {
#ifdef HAVE_EVP_PKEY_EC
case EVP_PKEY_EC:
pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL);
pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL);
break;
#endif
default:
pem_write = PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL);
pem_write = PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL);
break;
}
@ -3699,11 +3713,11 @@ PHP_FUNCTION(openssl_pkey_export)
switch (EVP_PKEY_type(key->type)) {
#ifdef HAVE_EVP_PKEY_EC
case EVP_PKEY_EC:
pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL);
pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL);
break;
#endif
default:
pem_write = PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL);
pem_write = PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL);
break;
}
@ -3965,7 +3979,7 @@ PHP_FUNCTION(openssl_pbkdf2)
out_buffer = zend_string_alloc(key_length, 0);
if (PKCS5_PBKDF2_HMAC(password, password_len, (unsigned char *)salt, salt_len, iterations, digest, key_length, (unsigned char*)out_buffer->val) == 1) {
if (PKCS5_PBKDF2_HMAC(password, (int)password_len, (unsigned char *)salt, (int)salt_len, (int)iterations, digest, (int)key_length, (unsigned char*)out_buffer->val) == 1) {
out_buffer->val[key_length] = 0;
RETURN_STR(out_buffer);
} else {
@ -4052,7 +4066,7 @@ PHP_FUNCTION(openssl_pkcs7_verify)
zend_printf("Calling PKCS7 verify\n");
#endif
if (PKCS7_verify(p7, others, store, datain, dataout, flags)) {
if (PKCS7_verify(p7, others, store, datain, dataout, (int)flags)) {
RETVAL_TRUE;
@ -4066,7 +4080,7 @@ PHP_FUNCTION(openssl_pkcs7_verify)
certout = BIO_new_file(signersfilename, "w");
if (certout) {
int i;
signers = PKCS7_get0_signers(p7, NULL, flags);
signers = PKCS7_get0_signers(p7, NULL, (int)flags);
for(i = 0; i < sk_X509_num(signers); i++) {
PEM_write_bio_X509(certout, sk_X509_value(signers, i));
@ -4182,7 +4196,7 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
goto clean_exit;
}
p7 = PKCS7_encrypt(recipcerts, infile, (EVP_CIPHER*)cipher, flags);
p7 = PKCS7_encrypt(recipcerts, infile, (EVP_CIPHER*)cipher, (int)flags);
if (p7 == NULL) {
goto clean_exit;
@ -4204,7 +4218,7 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
(void)BIO_reset(infile);
/* write the encrypted data */
SMIME_write_PKCS7(outfile, p7, infile, flags);
SMIME_write_PKCS7(outfile, p7, infile, (int)flags);
RETVAL_TRUE;
@ -4284,7 +4298,7 @@ PHP_FUNCTION(openssl_pkcs7_sign)
goto clean_exit;
}
p7 = PKCS7_sign(cert, privkey, others, infile, flags);
p7 = PKCS7_sign(cert, privkey, others, infile, (int)flags);
if (p7 == NULL) {
php_error_docref(NULL, E_WARNING, "error creating PKCS7 structure!");
goto clean_exit;
@ -4305,7 +4319,7 @@ PHP_FUNCTION(openssl_pkcs7_sign)
} ZEND_HASH_FOREACH_END();
}
/* write the signed data */
SMIME_write_PKCS7(outfile, p7, infile, flags);
SMIME_write_PKCS7(outfile, p7, infile, (int)flags);
RETVAL_TRUE;
@ -4421,6 +4435,9 @@ PHP_FUNCTION(openssl_private_encrypt)
if (pkey == NULL) {
php_error_docref(NULL, E_WARNING, "key param is not a valid private key");
RETURN_FALSE;
} else if (INT_MAX < data_len) {
php_error_docref(NULL, E_WARNING, "data is too long");
RETURN_FALSE;
}
cryptedlen = EVP_PKEY_size(pkey);
@ -4429,11 +4446,11 @@ PHP_FUNCTION(openssl_private_encrypt)
switch (pkey->type) {
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2:
successful = (RSA_private_encrypt(data_len,
successful = (RSA_private_encrypt((int)data_len,
(unsigned char *)data,
(unsigned char *)cryptedbuf->val,
pkey->pkey.rsa,
padding) == cryptedlen);
(int)padding) == cryptedlen);
break;
default:
php_error_docref(NULL, E_WARNING, "key type not supported in this PHP build!");
@ -4479,6 +4496,9 @@ PHP_FUNCTION(openssl_private_decrypt)
if (pkey == NULL) {
php_error_docref(NULL, E_WARNING, "key parameter is not a valid private key");
RETURN_FALSE;
} else if (INT_MAX < data_len) {
php_error_docref(NULL, E_WARNING, "data is too long");
RETURN_FALSE;
}
cryptedlen = EVP_PKEY_size(pkey);
@ -4487,11 +4507,11 @@ PHP_FUNCTION(openssl_private_decrypt)
switch (pkey->type) {
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2:
cryptedlen = RSA_private_decrypt(data_len,
cryptedlen = RSA_private_decrypt((int)data_len,
(unsigned char *)data,
crypttemp,
pkey->pkey.rsa,
padding);
(int)padding);
if (cryptedlen != -1) {
cryptedbuf = zend_string_alloc(cryptedlen, 0);
memcpy(cryptedbuf->val, crypttemp, cryptedlen);
@ -4543,6 +4563,9 @@ PHP_FUNCTION(openssl_public_encrypt)
if (pkey == NULL) {
php_error_docref(NULL, E_WARNING, "key parameter is not a valid public key");
RETURN_FALSE;
} else if (INT_MAX < data_len) {
php_error_docref(NULL, E_WARNING, "data is too long");
RETURN_FALSE;
}
cryptedlen = EVP_PKEY_size(pkey);
@ -4551,11 +4574,11 @@ PHP_FUNCTION(openssl_public_encrypt)
switch (pkey->type) {
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2:
successful = (RSA_public_encrypt(data_len,
successful = (RSA_public_encrypt((int)data_len,
(unsigned char *)data,
(unsigned char *)cryptedbuf->val,
pkey->pkey.rsa,
padding) == cryptedlen);
(int)padding) == cryptedlen);
break;
default:
php_error_docref(NULL, E_WARNING, "key type not supported in this PHP build!");
@ -4602,6 +4625,9 @@ PHP_FUNCTION(openssl_public_decrypt)
if (pkey == NULL) {
php_error_docref(NULL, E_WARNING, "key parameter is not a valid public key");
RETURN_FALSE;
} else if (INT_MAX < data_len) {
php_error_docref(NULL, E_WARNING, "data is too long");
RETURN_FALSE;
}
cryptedlen = EVP_PKEY_size(pkey);
@ -4610,11 +4636,11 @@ PHP_FUNCTION(openssl_public_decrypt)
switch (pkey->type) {
case EVP_PKEY_RSA:
case EVP_PKEY_RSA2:
cryptedlen = RSA_public_decrypt(data_len,
cryptedlen = RSA_public_decrypt((int)data_len,
(unsigned char *)data,
crypttemp,
pkey->pkey.rsa,
padding);
(int)padding);
if (cryptedlen != -1) {
cryptedbuf = zend_string_alloc(cryptedlen, 0);
memcpy(cryptedbuf->val, crypttemp, cryptedlen);
@ -4774,7 +4800,7 @@ PHP_FUNCTION(openssl_verify)
EVP_VerifyInit (&md_ctx, mdtype);
EVP_VerifyUpdate (&md_ctx, data, data_len);
err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, signature_len, pkey);
err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, (int)signature_len, pkey);
EVP_MD_CTX_cleanup(&md_ctx);
if (keyresource == NULL) {
@ -4809,6 +4835,9 @@ PHP_FUNCTION(openssl_seal)
if (!nkeys) {
php_error_docref(NULL, E_WARNING, "Fourth argument to openssl_seal() must be a non-empty array");
RETURN_FALSE;
} else if (INT_MAX < data_len) {
php_error_docref(NULL, E_WARNING, "data is too long");
RETURN_FALSE;
}
if (method) {
@ -4856,7 +4885,7 @@ PHP_FUNCTION(openssl_seal)
buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx));
EVP_CIPHER_CTX_cleanup(&ctx);
if (!EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) || !EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) {
if (!EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) || !EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, (int)data_len)) {
RETVAL_FALSE;
efree(buf);
EVP_CIPHER_CTX_cleanup(&ctx);
@ -4938,6 +4967,12 @@ PHP_FUNCTION(openssl_open)
if (pkey == NULL) {
php_error_docref(NULL, E_WARNING, "unable to coerce parameter 4 into a private key");
RETURN_FALSE;
} else if (INT_MAX < ekey_len) {
php_error_docref(NULL, E_WARNING, "ekey is too long");
RETURN_FALSE;
} else if (INT_MAX < data_len) {
php_error_docref(NULL, E_WARNING, "data is too long");
RETURN_FALSE;
}
if (method) {
@ -4952,7 +4987,7 @@ PHP_FUNCTION(openssl_open)
buf = emalloc(data_len + 1);
if (EVP_OpenInit(&ctx, cipher, (unsigned char *)ekey, ekey_len, NULL, pkey) && EVP_OpenUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) {
if (EVP_OpenInit(&ctx, cipher, (unsigned char *)ekey, (int)ekey_len, NULL, pkey) && EVP_OpenUpdate(&ctx, buf, &len1, (unsigned char *)data, (int)data_len)) {
if (!EVP_OpenFinal(&ctx, buf + len1, &len2) || (len1 + len2 == 0)) {
efree(buf);
RETVAL_FALSE;
@ -5122,6 +5157,9 @@ PHP_FUNCTION(openssl_encrypt)
if (!cipher_type) {
php_error_docref(NULL, E_WARNING, "Unknown cipher algorithm");
RETURN_FALSE;
} else if (INT_MAX < data_len) {
php_error_docref(NULL, E_WARNING, "data is too long");
RETURN_FALSE;
}
keylen = EVP_CIPHER_key_length(cipher_type);
@ -5139,19 +5177,19 @@ PHP_FUNCTION(openssl_encrypt)
}
free_iv = php_openssl_validate_iv(&iv, &iv_len, max_iv_len);
outlen = data_len + EVP_CIPHER_block_size(cipher_type);
outlen = (int)data_len + EVP_CIPHER_block_size(cipher_type);
outbuf = zend_string_alloc(outlen, 0);
EVP_EncryptInit(&cipher_ctx, cipher_type, NULL, NULL);
if (password_len > keylen) {
EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
EVP_CIPHER_CTX_set_key_length(&cipher_ctx, (int)password_len);
}
EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
if (options & OPENSSL_ZERO_PADDING) {
EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
}
if (data_len > 0) {
EVP_EncryptUpdate(&cipher_ctx, (unsigned char*)outbuf->val, &i, (unsigned char *)data, data_len);
EVP_EncryptUpdate(&cipher_ctx, (unsigned char*)outbuf->val, &i, (unsigned char *)data, (int)data_len);
}
outlen = i;
if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf->val + i, &i)) {
@ -5203,6 +5241,9 @@ PHP_FUNCTION(openssl_decrypt)
if (!method_len) {
php_error_docref(NULL, E_WARNING, "Unknown cipher algorithm");
RETURN_FALSE;
} else if (INT_MAX < data_len) {
php_error_docref(NULL, E_WARNING, "data is too long");
RETURN_FALSE;
}
cipher_type = EVP_get_cipherbyname(method);
@ -5212,7 +5253,7 @@ PHP_FUNCTION(openssl_decrypt)
}
if (!(options & OPENSSL_RAW_DATA)) {
base64_str = php_base64_decode((unsigned char*)data, data_len);
base64_str = php_base64_decode((unsigned char*)data, (int)data_len);
if (!base64_str) {
php_error_docref(NULL, E_WARNING, "Failed to base64 decode the input");
RETURN_FALSE;
@ -5232,18 +5273,18 @@ PHP_FUNCTION(openssl_decrypt)
free_iv = php_openssl_validate_iv(&iv, &iv_len, EVP_CIPHER_iv_length(cipher_type));
outlen = data_len + EVP_CIPHER_block_size(cipher_type);
outlen = (int)data_len + EVP_CIPHER_block_size(cipher_type);
outbuf = zend_string_alloc(outlen, 0);
EVP_DecryptInit(&cipher_ctx, cipher_type, NULL, NULL);
if (password_len > keylen) {
EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len);
EVP_CIPHER_CTX_set_key_length(&cipher_ctx, (int)password_len);
}
EVP_DecryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv);
if (options & OPENSSL_ZERO_PADDING) {
EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0);
}
EVP_DecryptUpdate(&cipher_ctx, (unsigned char*)outbuf->val, &i, (unsigned char *)data, data_len);
EVP_DecryptUpdate(&cipher_ctx, (unsigned char*)outbuf->val, &i, (unsigned char *)data, (int)data_len);
outlen = i;
if (EVP_DecryptFinal(&cipher_ctx, (unsigned char *)outbuf->val + i, &i)) {
outlen += i;
@ -5314,7 +5355,7 @@ PHP_FUNCTION(openssl_dh_compute_key)
RETURN_FALSE;
}
pub = BN_bin2bn((unsigned char*)pub_str, pub_len, NULL);
pub = BN_bin2bn((unsigned char*)pub_str, (int)pub_len, NULL);
data = zend_string_alloc(DH_size(pkey->pkey.dh), 0);
len = DH_compute_key((unsigned char*)data->val, pub, pkey->pkey.dh);

49
ext/openssl/xp_ssl.c
View File

@ -149,7 +149,7 @@ static int handle_ssl_error(php_stream *stream, int nr_bytes, zend_bool is_init)
int err = SSL_get_error(sslsock->ssl_handle, nr_bytes);
char esbuf[512];
smart_str ebuf = {0};
zend_ulong ecode;
unsigned long ecode;
int retry = 1;
switch(err) {
@ -314,7 +314,8 @@ static zend_bool php_x509_fingerprint_match(X509 *peer, zval *val)
static zend_bool matches_wildcard_name(const char *subjectname, const char *certname) /* {{{ */
{
char *wildcard = NULL;
int prefix_len, suffix_len, subject_len;
ptrdiff_t prefix_len;
size_t suffix_len, subject_len;
if (strcasecmp(subjectname, certname) == 0) {
return 1;
@ -517,7 +518,7 @@ static int passwd_callback(char *buf, int num, int verify, void *data) /* {{{ */
if (passphrase) {
if (Z_STRLEN_P(val) < num - 1) {
memcpy(buf, Z_STRVAL_P(val), Z_STRLEN_P(val)+1);
return Z_STRLEN_P(val);
return (int)Z_STRLEN_P(val);
}
}
return 0;
@ -925,9 +926,9 @@ static const SSL_METHOD *php_select_crypto_method(zend_long method_value, int is
}
/* }}} */
static zend_long php_get_crypto_method_ctx_flags(zend_long method_flags) /* {{{ */
static int php_get_crypto_method_ctx_flags(int method_flags) /* {{{ */
{
zend_long ssl_ctx_options = SSL_OP_ALL;
int ssl_ctx_options = SSL_OP_ALL;
#ifndef OPENSSL_NO_SSL2
if (!(method_flags & STREAM_CRYPTO_METHOD_SSLv2)) {
@ -1376,8 +1377,8 @@ int php_openssl_setup_crypto(php_stream *stream,
) /* {{{ */
{
const SSL_METHOD *method;
long ssl_ctx_options;
long method_flags;
int ssl_ctx_options;
int method_flags;
char *cipherlist = NULL;
zval *val;
@ -1755,7 +1756,6 @@ static size_t php_openssl_sockop_read(php_stream *stream, char *buf, size_t coun
static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, size_t count) /* {{{ */
{
php_openssl_netstream_data_t *sslsock = (php_openssl_netstream_data_t*)stream->abstract;
int nr_bytes = 0;
/* Only do this if SSL is active. */
if (sslsock->ssl_active) {
@ -1764,6 +1764,12 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz
*timeout;
int blocked = sslsock->s.is_blocked,
has_timeout = 0;
int nr_bytes = 0;
/* prevent overflow in openssl */
if (count > INT_MAX) {
count = INT_MAX;
}
/* Begin by making the socket non-blocking. This allows us to check the timeout. */
if (SUCCESS == php_set_sock_blocking(sslsock->s.socket, 0)) {
@ -1803,7 +1809,7 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz
/* Now, do the IO operation. Don't block if we can't complete... */
if (read) {
nr_bytes = SSL_read(sslsock->ssl_handle, buf, count);
nr_bytes = SSL_read(sslsock->ssl_handle, buf, (int)count);
if (sslsock->reneg && sslsock->reneg->should_close) {
/* renegotiation rate limiting triggered */
@ -1813,7 +1819,7 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz
break;
}
} else {
nr_bytes = SSL_write(sslsock->ssl_handle, buf, count);
nr_bytes = SSL_write(sslsock->ssl_handle, buf, (int)count);
}
/* Now, how much time until we time out? */
@ -1885,7 +1891,11 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz
php_set_sock_blocking(sslsock->s.socket, 1);
sslsock->s.is_blocked = 1;
}
return 0 > nr_bytes ? 0 : nr_bytes;
} else {
size_t nr_bytes = 0;
/*
* This block is if we had no timeout... We will just sit and wait forever on the IO operation.
*/
@ -1894,14 +1904,9 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz
} else {
nr_bytes = php_stream_socket_ops.write(stream, buf, count);
}
}
/* PHP doesn't expect a negative return. */
if (nr_bytes < 0) {
nr_bytes = 0;
return nr_bytes;
}
return nr_bytes;
}
/* }}} */
@ -2089,7 +2094,11 @@ static int php_openssl_sockop_set_option(php_stream *stream, int option, int val
if (value == -1) {
if (sslsock->s.timeout.tv_sec == -1) {
tv.tv_sec = FG(default_socket_timeout);
#ifdef _WIN32
tv.tv_sec = (long)FG(default_socket_timeout);
#else
tv.tv_sec = (time_t)FG(default_socket_timeout);
#endif
tv.tv_usec = 0;
} else {
tv = sslsock->connect_timeout;
@ -2302,7 +2311,11 @@ php_stream *php_openssl_ssl_socket_factory(const char *proto, size_t protolen,
sslsock->s.is_blocked = 1;
/* this timeout is used by standard stream funcs, therefor it should use the default value */
sslsock->s.timeout.tv_sec = FG(default_socket_timeout);
#ifdef _WIN32
sslsock->s.timeout.tv_sec = (long)FG(default_socket_timeout);
#else
sslsock->s.timeout.tv_sec = (time_t)FG(default_socket_timeout);
#endif
sslsock->s.timeout.tv_usec = 0;
/* use separate timeout for our private funcs */

1
ext/session/mod_files.c
View File

@ -220,7 +220,6 @@ static void ps_files_open(ps_files *data, const char *key)
static int ps_files_write(ps_files *data, zend_string *key, zend_string *val)
{
zend_long n;
zend_stat_t sbuf;
/* PS(id) may be changed by calling session_regenerate_id().
Re-initialization should be tried here. ps_files_open() checks