History log of /php-src/ext/openssl/tests/gh16433.phpt (Results 1 – 1 of 1)
Revision Date Author Comments
# 2bdf2f91 14-Oct-2024 Christoph M. Becker

Fix GH-16433: Large values for openssl_csr_sign() $days overflow

The `offset_sec` parameter of `X509_gmtime_adj()` expects a `long`, but
the `$days` parameter of `openssl_csr_sign()` a `zend_long`. We must
avoid signed integer overflow (UB), but also must not silently truncate.
Thus we check the given `$days` for the permissible range, and bail out
otherwise.

Closes GH-16437.
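
The kind of range check this commit message describes, as an added C sketch that is not the php-src patch itself. The helper name `days_to_offset_sec`, the use of `int64_t` to stand in for `zend_long`, and the choice to reject negative day counts are assumptions of this example.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

#define SECS_PER_DAY 86400L

/* Largest day count whose second count still fits in a C long.
 * Where long is 32-bit (e.g. LLP64 Windows) this is only 24855,
 * even though the caller's integer type is 64-bit. */
#define MAX_DAYS (LONG_MAX / SECS_PER_DAY)

/* Hypothetical helper: convert a 64-bit day count (standing in for
 * zend_long) into the long offset that X509_gmtime_adj() takes.
 * Returns 0 and stores the offset on success, -1 if out of range.
 * Rejecting negative values is an assumption of this sketch. */
int days_to_offset_sec(int64_t days, long *offset_sec)
{
    /* Compare before multiplying: computing days * 86400 first would be
     * signed overflow (UB), and a plain cast to long would truncate. */
    if (days < 0 || days > (int64_t)MAX_DAYS) {
        return -1;
    }
    *offset_sec = (long)days * SECS_PER_DAY;
    return 0;
}

int main(void)
{
    /* Constructed inputs: typical, boundary, just past it, huge, negative. */
    int64_t samples[] = { 365, MAX_DAYS, (int64_t)MAX_DAYS + 1, INT64_MAX, -1 };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        long off = 0;
        if (days_to_offset_sec(samples[i], &off) == 0) {
            printf("%lld days -> offset_sec %ld\n", (long long)samples[i], off);
        } else {
            printf("%lld days -> rejected (permitted range 0..%ld)\n",
                   (long long)samples[i], (long)MAX_DAYS);
        }
    }
    return 0;
}
```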