mirror of
https://github.com/php/php-src.git
synced 2025-08-16 05:58:45 +02:00
Fix leak on Windows as well
Cf. <http://git.php.net/?p=php-src.git;a=commit;h=db08ef0d3274b239a6b9e68d71d02bb6acb71d82>
This commit is contained in:
Christoph M. Becker
parent
efbc962c92
commit
0afdf194f0
1 changed files with 5 additions and 0 deletions
|
|
@ -809,6 +809,7 @@ mysqlnd_sha256_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t server_pub
|
||||||
*/
|
*/
|
||||||
if ((size_t) server_public_key_len <= passwd_len + 41) {
|
if ((size_t) server_public_key_len <= passwd_len + 41) {
|
||||||
/* password message is to long */
|
/* password message is to long */
|
||||||
|
BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
|
||||||
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
|
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
|
||||||
DBG_ERR("password is too long");
|
DBG_ERR("password is too long");
|
||||||
DBG_RETURN(0);
|
DBG_RETURN(0);
|
||||||
|
|
@ -818,6 +819,7 @@ mysqlnd_sha256_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t server_pub
|
||||||
ret = malloc(*auth_data_len);
|
ret = malloc(*auth_data_len);
|
||||||
if (BCryptEncrypt((BCRYPT_KEY_HANDLE) server_public_key, xor_str, passwd_len + 1, &padding_info,
|
if (BCryptEncrypt((BCRYPT_KEY_HANDLE) server_public_key, xor_str, passwd_len + 1, &padding_info,
|
||||||
NULL, 0, ret, server_public_key_len, &server_public_key_len, BCRYPT_PAD_OAEP)) {
|
NULL, 0, ret, server_public_key_len, &server_public_key_len, BCRYPT_PAD_OAEP)) {
|
||||||
|
BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
|
||||||
DBG_RETURN(0);
|
DBG_RETURN(0);
|
||||||
}
|
}
|
||||||
BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
|
BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
|
||||||
|
|
@ -1057,6 +1059,7 @@ mysqlnd_caching_sha2_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t serv
|
||||||
*/
|
*/
|
||||||
if ((size_t) server_public_key_len <= passwd_len + 41) {
|
if ((size_t) server_public_key_len <= passwd_len + 41) {
|
||||||
/* password message is to long */
|
/* password message is to long */
|
||||||
|
BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
|
||||||
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
|
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
|
||||||
DBG_ERR("password is too long");
|
DBG_ERR("password is too long");
|
||||||
DBG_RETURN(0);
|
DBG_RETURN(0);
|
||||||
|
|
@ -1065,8 +1068,10 @@ mysqlnd_caching_sha2_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t serv
|
||||||
*crypted = emalloc(server_public_key_len);
|
*crypted = emalloc(server_public_key_len);
|
||||||
if (BCryptEncrypt((BCRYPT_KEY_HANDLE) server_public_key, xor_str, passwd_len + 1, &padding_info,
|
if (BCryptEncrypt((BCRYPT_KEY_HANDLE) server_public_key, xor_str, passwd_len + 1, &padding_info,
|
||||||
NULL, 0, *crypted, server_public_key_len, &server_public_key_len, BCRYPT_PAD_OAEP)) {
|
NULL, 0, *crypted, server_public_key_len, &server_public_key_len, BCRYPT_PAD_OAEP)) {
|
||||||
|
BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
|
||||||
DBG_RETURN(0);
|
DBG_RETURN(0);
|
||||||
}
|
}
|
||||||
|
BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
|
||||||
DBG_RETURN(server_public_key_len);
|
DBG_RETURN(server_public_key_len);
|
||||||
}
|
}
|
||||||
/* }}} */
|
/* }}} */
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue