File php-CVE-2017-11144.patch of Package php5.openSUSE_Leap_42.3_Update

X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fopenssl%2Fopenssl.c;h=2107b9ba5905b5e880dc5f31117e25ee15c6f79b;hp=6203267a0579350372304f69f601c6022c251bc1;hb=73cabfedf519298e1a11192699f44d53c529315e;hpb=4b38feabe745b553703cd53f37615b955502f4e7

Index: php-5.5.14/ext/openssl/openssl.c
===================================================================
--- php-5.5.14.orig/ext/openssl/openssl.c	2017-07-21 12:06:09.432781981 +0200
+++ php-5.5.14/ext/openssl/openssl.c	2017-07-21 12:12:00.998492582 +0200
@@ -4410,7 +4410,7 @@ PHP_FUNCTION(openssl_seal)
 	buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx));
 	EVP_CIPHER_CTX_cleanup(&ctx);
 
-	if (!EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) || !EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) {
+	if (EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) <= 0 || !EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) {
 		RETVAL_FALSE;
 		efree(buf);
 		EVP_CIPHER_CTX_cleanup(&ctx);
openSUSE Build Service is sponsored by