File php-CVE-2017-11144.patch of Package php7.8192

X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fopenssl%2Fopenssl.c;h=2107b9ba5905b5e880dc5f31117e25ee15c6f79b;hp=6203267a0579350372304f69f601c6022c251bc1;hb=73cabfedf519298e1a11192699f44d53c529315e;hpb=4b38feabe745b553703cd53f37615b955502f4e7

Index: php-7.0.7/ext/openssl/openssl.c
===================================================================
--- php-7.0.7.orig/ext/openssl/openssl.c	2017-07-21 12:01:09.283931863 +0200
+++ php-7.0.7/ext/openssl/openssl.c	2017-07-21 12:02:06.412852846 +0200
@@ -4973,7 +4973,7 @@ PHP_FUNCTION(openssl_seal)
 	buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx));
 	EVP_CIPHER_CTX_cleanup(&ctx);
 
-	if (!EVP_SealInit(&ctx, cipher, eks, eksl, &iv_buf[0], pkeys, nkeys) ||
+	if (EVP_SealInit(&ctx, cipher, eks, eksl, &iv_buf[0], pkeys, nkeys) <= 0 ||
 			!EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, (int)data_len) ||
 			!EVP_SealFinal(&ctx, buf + len1, &len2)) {
 		RETVAL_FALSE;