
Commit 880a6fc

committed
Fix memory leak regression in openssl_pbkdf2()
We're fetching the digest using the new method, but if an alias is used, the method is fetched via EVP_MD_fetch() which requires lifetime management. This is observable when using "sha-256" instead of "sha256" as an algorithm name. This is a regression in comparison to PHP 8.4. Closes GH-21039.
1 parent f8ce1a8 commit 880a6fc


3 files changed

+10
-2
lines changed


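--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,9 @@ PHP NEWS
 zend_jit_use_reg). (Arnaud)
 . Fixed bug GH-21593 (Borked function JIT JMPNZ smart branch). (ilutov)
 
+- OpenSSL:
+. Fix memory leak regression in openssl_pbkdf2(). (ndossche)
+
 - DOM:
 . Fixed bug GH-21566 (Dom\XMLDocument::C14N() emits duplicate xmlns
 declarations after setAttributeNS()). (David Carlier)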

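--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -2450,12 +2450,14 @@ PHP_FUNCTION(openssl_pbkdf2)
 
 if (PKCS5_PBKDF2_HMAC(password, (int)password_len, (unsigned char *)salt, (int)salt_len, (int)iterations, digest, (int)key_length, (unsigned char*)ZSTR_VAL(out_buffer)) == 1) {
 ZSTR_VAL(out_buffer)[key_length] = 0;
-RETURN_NEW_STR(out_buffer);
+RETVAL_NEW_STR(out_buffer);
 } else {
 php_openssl_store_errors();
 zend_string_release_ex(out_buffer, 0);
-RETURN_FALSE;
+RETVAL_FALSE;
 }
+
+php_openssl_release_evp_md(digest);
 }
 /* }}} */
 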
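Review bot: The new release at line 2460 only runs on the two paths that reach this block; if openssl_pbkdf2() validates its arguments or allocates out_buffer after fetching `digest` and returns early on failure, those exits would still leak the fetched EVP_MD — the start of PHP_FUNCTION(openssl_pbkdf2) is outside this hunk, so that part needs checking. The switch from RETURN_* to RETVAL_* at lines 2453 and 2457 is load-bearing and easy to undo in a later edit, so it deserves a comment above the if: `/* RETVAL_*, not RETURN_*: digest may be a fetched EVP_MD and must be released below on every path */`. The phpt added in this commit covers only the success branch with an alias name; the RETVAL_FALSE branch at line 2457 is not exercised, though a deterministic way to force PKCS5_PBKDF2_HMAC() to fail may not be available from a test.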
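--- a/ext/openssl/tests/openssl_pbkdf2_basic.phpt
+++ b/ext/openssl/tests/openssl_pbkdf2_basic.phpt
@@ -19,10 +19,13 @@ var_dump(bin2hex(openssl_pbkdf2('password', 'salt', 20, 16777216)));
 var_dump(bin2hex(openssl_pbkdf2('passwordPASSWORDpassword', 'saltSALTsaltSALTsaltSALTsaltSALTsalt', 25, 4096)));
 var_dump(bin2hex(openssl_pbkdf2("pass\0word", "sa\0lt", 16, 4096)));
 
+var_dump(bin2hex(openssl_pbkdf2("password", "salt", 16, 4096, "sha-256")));
+
 ?>
 --EXPECT--
 string(40) "0c60c80f961f0e71f3a9b524af6012062fe037a6"
 string(40) "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
 string(40) "4b007901b765489abead49d926f721d065a429c1"
 string(50) "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
 string(32) "56fa6aa75548099dcc37d7f03425e0c3"
+string(32) "c5e478d59288c841aa530db6845c4c8d"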
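Review bot: The new case at line 22 reads like a duplicate of the existing sha256 cases until one knows that "sha-256" is an alias resolved through EVP_MD_fetch(), which is the path this commit fixes, so a one-line comment would keep that intent visible: `// "sha-256" is an alias: exercises the EVP_MD_fetch() path (GH-21039)`. The expected value on line 31 pins the output side, so the assertion itself is sound; the leak being fixed is presumably detected only by the test runner's leak check rather than by --EXPECT--, which is worth stating in the comment so a future cleanup does not drop the case as redundant.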
