Merge branch 'PHP-8.3' into PHP-8.4

* PHP-8.3: Fix GH-18986: OpenSSL backend: incorrect RAND_{load,write}_file() return value check
2025-08-16 05:58:45 +02:00 · 2025-07-15 18:50:46 +02:00 · 2025-07-15 18:50:46 +02:00 · f938f356cb
commit f938f356cb
parent 3d468a181a a8086be81c
2 changed files with 5 additions and 3 deletions
--- a/4
+++ b/4
@ -2,7 +2,9 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? ????, PHP 8.4.12
-
+- OpenSSL:
  . Fixed bug GH-18986 (OpenSSL backend: incorrect RAND_{load,write}_file()
    return value check). (nielsdos, botovq)
 31 Jul 2025, PHP 8.4.11
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@ -1113,7 +1113,7 @@ static int php_openssl_load_rand_file(const char * file, int *egdsocket, int *se
 		return SUCCESS;
 #endif
 	}
-	if (file == NULL || !RAND_load_file(file, -1)) {
+	if (file == NULL || RAND_load_file(file, -1) < 0) {
 		if (RAND_status() == 0) {
 			php_openssl_store_errors();
 			php_error_docref(NULL, E_WARNING, "Unable to load random state; not enough random data!");
@ -1140,7 +1140,7 @@ static int php_openssl_write_rand_file(const char * file, int egdsocket, int see
 		file = RAND_file_name(buffer, sizeof(buffer));
 	}
 	PHP_OPENSSL_RAND_ADD_TIME();
-	if (file == NULL || !RAND_write_file(file)) {
+	if (file == NULL || RAND_write_file(file) < 0) {
 		php_openssl_store_errors();
 		php_error_docref(NULL, E_WARNING, "Unable to write random state");
 		return FAILURE;