archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 21:48:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix RSA memory leak in mysqlnd auth

Browse source
This commit is contained in:
Nikita Popov 2020-03-23 11:54:55 +01:00
parent 347d18b48e
commit db08ef0d32
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
ext/mysqlnd/mysqlnd_auth.c
View file

@ -728,6 +728,7 @@ mysqlnd_sha256_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t server_pub
*/
if (server_public_key_len <= passwd_len + 41) {
/* password message is to long */
RSA_free(server_public_key);
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
DBG_ERR("password is too long");
DBG_RETURN(NULL);
@ -1018,6 +1019,7 @@ mysqlnd_caching_sha2_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t serv
*/
if (server_public_key_len <= passwd_len + 41) {
/* password message is to long */
RSA_free(server_public_key);
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
DBG_ERR("password is too long");
DBG_RETURN(0);
@ -1025,6 +1027,7 @@ mysqlnd_caching_sha2_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t serv
*crypted = emalloc(server_public_key_len);
RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, *crypted, server_public_key, RSA_PKCS1_OAEP_PADDING);
RSA_free(server_public_key);
DBG_RETURN(server_public_key_len);
}
/* }}} */