1--TEST-- 2openssl key from zval leaks 3--SKIPIF-- 4<?php 5if (!extension_loaded("openssl")) die("skip"); 6?> 7--FILE-- 8<?php 9$pub_key_id = false; 10$signature = ''; 11$ok = openssl_verify("foo", $signature, $pub_key_id, OPENSSL_ALGO_MD5); 12 13class test { 14 function __toString() { 15 return "test object"; 16 } 17} 18$t = new test; 19 20 21var_dump(openssl_verify("foo", $signature, $pub_key_id, OPENSSL_ALGO_MD5)); 22var_dump(openssl_verify("foo", $t, $pub_key_id, OPENSSL_ALGO_MD5)); 23 24echo "Done\n"; 25 26?> 27--EXPECTF-- 28Warning: openssl_verify(): Supplied key param cannot be coerced into a public key in %s on line %d 29 30Warning: openssl_verify(): Supplied key param cannot be coerced into a public key in %s on line %d 31bool(false) 32 33Warning: openssl_verify(): Supplied key param cannot be coerced into a public key in %s on line %d 34bool(false) 35Done 36