From a8086be81c088db439dda157d330dfd69e38bcc7 Mon Sep 17 00:00:00 2001 From: Niels Dossche <7771979+nielsdos@users.noreply.github.com> Date: Wed, 2 Jul 2025 22:04:09 +0200 Subject: [PATCH] Fix GH-18986: OpenSSL backend: incorrect RAND_{load,write}_file() return value check As noted by the LibreSSL maintainer, these functions return -1 on error. This is further confirmed by my static analyzer that inferred the same thing for OpenSSL. Closes GH-19013. --- NEWS | 2 ++ ext/openssl/openssl.c | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index c395d0dcd3b..42de159acba 100644 --- a/NEWS +++ b/NEWS @@ -37,6 +37,8 @@ PHP NEWS - OpenSSL: . Fixed bug #80770 (It is not possible to get client peer certificate with stream_socket_server). (Jakub Zelenka) + . Fixed bug GH-18986 (OpenSSL backend: incorrect RAND_{load,write}_file() + return value check). (nielsdos, botovq) - PCNTL: . Fixed bug GH-18958 (Fatal error during shutdown after pcntl_rfork() or diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 718f946ad17..e44bc90bbd7 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -1095,7 +1095,7 @@ static int php_openssl_load_rand_file(const char * file, int *egdsocket, int *se return SUCCESS; #endif } - if (file == NULL || !RAND_load_file(file, -1)) { + if (file == NULL || RAND_load_file(file, -1) < 0) { if (RAND_status() == 0) { php_openssl_store_errors(); php_error_docref(NULL, E_WARNING, "Unable to load random state; not enough random data!"); @@ -1122,7 +1122,7 @@ static int php_openssl_write_rand_file(const char * file, int egdsocket, int see file = RAND_file_name(buffer, sizeof(buffer)); } PHP_OPENSSL_RAND_ADD_TIME(); - if (file == NULL || !RAND_write_file(file)) { + if (file == NULL || RAND_write_file(file) < 0) { php_openssl_store_errors(); php_error_docref(NULL, E_WARNING, "Unable to write random state"); return FAILURE;