Skip to content

Commit 3704947

Browse files
bukkabukka
committed
Replace ASN1_STRING_data with ASN1_STRING_get0_data
This is a slightly modified version of the patch from Jelle van der Waa ( @jelly ) so full credit to him.
1 parent 585c9f3 commit 3704947

File tree

1 file changed

+24
-17
lines changed

1 file changed

+24
-17
lines changed

ext/openssl/openssl.c

Lines changed: 24 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -653,6 +653,11 @@ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
653653
return 1;
654654
}
655655

656+
static const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *asn1)
657+
{
658+
return M_ASN1_STRING_data(asn1);
659+
}
660+
656661
#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined (LIBRESSL_VERSION_NUMBER)
657662

658663
static int X509_get_signature_nid(const X509 *x)
@@ -811,9 +816,9 @@ static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int s
811816
}
812817

813818
for (i = 0; i < X509_NAME_entry_count(name); i++) {
814-
unsigned char *to_add = NULL;
819+
const unsigned char *to_add = NULL;
815820
int to_add_len = 0;
816-
int needs_free = 0;
821+
unsigned char *to_add_buf = NULL;
817822

818823
ne = X509_NAME_get_entry(name, i);
819824
obj = X509_NAME_ENTRY_get_object(ne);
@@ -828,32 +833,34 @@ static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int s
828833
str = X509_NAME_ENTRY_get_data(ne);
829834
if (ASN1_STRING_type(str) != V_ASN1_UTF8STRING) {
830835
/* ASN1_STRING_to_UTF8(3): The converted data is copied into a newly allocated buffer */
831-
to_add_len = ASN1_STRING_to_UTF8(&to_add, str);
832-
needs_free = 1;
836+
to_add_len = ASN1_STRING_to_UTF8(&to_add_buf, str);
837+
to_add = to_add_buf;
833838
} else {
834-
/* ASN1_STRING_data(3): Since this is an internal pointer it should not be freed or modified in any way */
835-
to_add = ASN1_STRING_data(str);
839+
/* ASN1_STRING_get0_data(3): Since this is an internal pointer it should not be freed or modified in any way */
840+
to_add = ASN1_STRING_get0_data(str);
836841
to_add_len = ASN1_STRING_length(str);
837842
}
838843

839844
if (to_add_len != -1) {
840845
if ((data = zend_hash_str_find(Z_ARRVAL(subitem), sname, strlen(sname))) != NULL) {
841846
if (Z_TYPE_P(data) == IS_ARRAY) {
842-
add_next_index_stringl(data, (char *)to_add, to_add_len);
847+
add_next_index_stringl(data, (const char *)to_add, to_add_len);
843848
} else if (Z_TYPE_P(data) == IS_STRING) {
844849
array_init(&tmp);
845850
add_next_index_str(&tmp, zend_string_copy(Z_STR_P(data)));
846-
add_next_index_stringl(&tmp, (char *)to_add, to_add_len);
851+
add_next_index_stringl(&tmp, (const char *)to_add, to_add_len);
847852
zend_hash_str_update(Z_ARRVAL(subitem), sname, strlen(sname), &tmp);
848853
}
849854
} else {
855+
/* it might be better to expand it and pass zval from ZVAL_STRING
856+
* to zend_symtable_str_update so we do not silently drop const
857+
* but we need a test to cover this part first */
850858
add_assoc_stringl(&subitem, sname, (char *)to_add, to_add_len);
851859
}
852860
}
853861

854-
if (needs_free) {
855-
/* ASN1_STRING_to_UTF8(3): The buffer out should be freed using free(3) */
856-
OPENSSL_free(to_add);
862+
if (to_add_buf != NULL) {
863+
OPENSSL_free(to_add_buf);
857864
}
858865
}
859866

@@ -892,7 +899,7 @@ static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr) /* {{{ */
892899

893900
timestr_len = (size_t)ASN1_STRING_length(timestr);
894901

895-
if (timestr_len != strlen((const char*)ASN1_STRING_data(timestr))) {
902+
if (timestr_len != strlen((const char *)ASN1_STRING_get0_data(timestr))) {
896903
php_error_docref(NULL, E_WARNING, "illegal length in timestamp");
897904
return (time_t)-1;
898905
}
@@ -907,7 +914,7 @@ static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr) /* {{{ */
907914
return (time_t)-1;
908915
}
909916

910-
strbuf = estrdup((char *)ASN1_STRING_data(timestr));
917+
strbuf = estrdup((const char *)ASN1_STRING_get0_data(timestr));
911918

912919
memset(&thetime, 0, sizeof(thetime));
913920

@@ -1945,7 +1952,7 @@ PHP_FUNCTION(openssl_spki_export_challenge)
19451952
goto cleanup;
19461953
}
19471954

1948-
RETVAL_STRING((char *) ASN1_STRING_data(spki->spkac->challenge));
1955+
RETVAL_STRING((const char *)ASN1_STRING_get0_data(spki->spkac->challenge));
19491956
goto cleanup;
19501957

19511958
cleanup:
@@ -2126,19 +2133,19 @@ static int openssl_x509v3_subjectAltName(BIO *bio, X509_EXTENSION *extension)
21262133
case GEN_EMAIL:
21272134
BIO_puts(bio, "email:");
21282135
as = name->d.rfc822Name;
2129-
BIO_write(bio, ASN1_STRING_data(as),
2136+
BIO_write(bio, ASN1_STRING_get0_data(as),
21302137
ASN1_STRING_length(as));
21312138
break;
21322139
case GEN_DNS:
21332140
BIO_puts(bio, "DNS:");
21342141
as = name->d.dNSName;
2135-
BIO_write(bio, ASN1_STRING_data(as),
2142+
BIO_write(bio, ASN1_STRING_get0_data(as),
21362143
ASN1_STRING_length(as));
21372144
break;
21382145
case GEN_URI:
21392146
BIO_puts(bio, "URI:");
21402147
as = name->d.uniformResourceIdentifier;
2141-
BIO_write(bio, ASN1_STRING_data(as),
2148+
BIO_write(bio, ASN1_STRING_get0_data(as),
21422149
ASN1_STRING_length(as));
21432150
break;
21442151
default:

0 commit comments

Comments
 (0)