diff options
| author | jvoisin | 2026-04-24 11:29:18 +0200 |
|---|---|---|
| committer | jvoisin | 2026-04-24 11:29:18 +0200 |
| commit | 237131c6f02ce1bca8c5a41b25c274ff2c34e751 (patch) | |
| tree | cb9018438dbe1d5c9eaec7c1d30e04b187f4d78f /src/sp_crypt.c | |
| parent | c0ea33d05dfb503f60a842372c336d12b23259ba (diff) | |
Fix a possible null-pointer dereference in cookies encryption
Diffstat (limited to 'src/sp_crypt.c')
| -rw-r--r-- | src/sp_crypt.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/sp_crypt.c b/src/sp_crypt.c index 6d48554..9d4e6bb 100644 --- a/src/sp_crypt.c +++ b/src/sp_crypt.c | |||
| @@ -42,6 +42,11 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) { | |||
| 42 | 42 | ||
| 43 | zend_string *debase64 = php_base64_decode((unsigned char *)(Z_STRVAL_P(pDest)), Z_STRLEN_P(pDest)); | 43 | zend_string *debase64 = php_base64_decode((unsigned char *)(Z_STRVAL_P(pDest)), Z_STRLEN_P(pDest)); |
| 44 | 44 | ||
| 45 | if (!debase64) { | ||
| 46 | sp_log_drop( "cookie_encryption", "Unable to base64-decode the cookie"); | ||
| 47 | return ZEND_HASH_APPLY_REMOVE; | ||
| 48 | } | ||
| 49 | |||
| 45 | if (ZSTR_LEN(debase64) < crypto_secretbox_NONCEBYTES) { | 50 | if (ZSTR_LEN(debase64) < crypto_secretbox_NONCEBYTES) { |
| 46 | if (true == simulation) { | 51 | if (true == simulation) { |
| 47 | sp_log_simulation( | 52 | sp_log_simulation( |