Skip to content

Simplify php_openssl_load_all_certs_from_file()#21430

Open
botovq wants to merge 1 commit intophp:masterfrom
botovq:load_all_certs_from_file
Open

Simplify php_openssl_load_all_certs_from_file()#21430
botovq wants to merge 1 commit intophp:masterfrom
botovq:load_all_certs_from_file

Conversation

@botovq
Copy link
Copy Markdown

@botovq botovq commented Mar 13, 2026

Correctly free both stacks, sk and stack, in the exit path and transfer ownership of stack to ret on success. Don't free the members of sk in the loop, only steal the certs after successful sk_X509_push(), which is error checked as it always should be. Switch from sk_new_reserve() back to the much saner sk_X509_new_null(). This makes ownership in this code easier to reason about and more robust to future modifications.

Alternative to #21418

@botovq
Simplify php_openssl_load_all_certs_from_file()
81df150 
Correctly free both stacks, sk and stack, in the exit path and transfer
ownership of stack to ret on success. Don't free the members of sk
in the loop, only steal the certs after successful sk_X509_push(), which
is error checked as it always should be. Switch from sk_new_reserve()
back to the much saner sk_X509_new_null(). This makes ownership in this
code easier to reason about and more robust to future modifications.
@botovq botovq requested a review from bukka as a code owner March 13, 2026 04:03
@botovq botovq mentioned this pull request Mar 13, 2026
Closed
bukka
bukka reviewed Apr 3, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@bukka bukka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good except that sk_X509_new_null

ext/openssl/openssl_backend_common.c
}

if(!(stack = sk_X509_new_reserve(NULL, sk_X509_INFO_num(sk)))) {
if(!(stack = sk_X509_new_null())) {
Copy link
Copy Markdown
Member

@bukka bukka Apr 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this changed? sk_X509_new_reserve pre-allocates space for the certs which should be better so don't exactly get why it was replaced...

Copy link
Copy Markdown
Author

@botovq botovq Apr 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To be honest, I took a look at this because LibreSSL doesn't have sk_reserve and really doesn't want to add it if at all possible. There are currently no unconditional uses of this API and it would be nice if it stayed this way. It is a pretty bad interface that tends to attracts bugs (like in the case at hand) because whenever you think you need it, you almost certainly have ownership handling that could be improved instead.

So I thought I'd simply switch it back to what it was before 4b9e80e because I assumed the use of sk_reserve() was precisely to avoid having to error check sk_push().

ext/openssl/openssl_backend_common.c
while (sk_X509_INFO_num(sk)) {
xi=sk_X509_INFO_shift(sk);
for (i = 0; i < sk_X509_INFO_num(sk); i++) {
xi=sk_X509_INFO_value(sk,i);
Copy link
Copy Markdown
Member

@bukka bukka Apr 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
xi=sk_X509_INFO_value(sk,i);
xi = sk_X509_INFO_value(sk,i);

when you are in it...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bukka bukka bukka left review comments

Assignees

No one assigned

Labels

Extension: openssl

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@botovq @bukka @iluuu1994