From 0988660cc2f5d194468f81fab48160c0f9b253dc Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Sat, 15 Dec 2018 14:30:32 +0000
Subject: Improve simulation mode for session cookies (#259)

Since decrypt_zval doesn't provide a way to tell apart failed and successful decryption when used in simulation mode, we'll have to restore the original value if something goes wrong, because crypto_secretbox_open might modify the value.---
 src/sp_crypt.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'src/sp_crypt.c')

diff --git a/src/sp_crypt.c b/src/sp_crypt.c
index b6eaa59..525da56 100644
--- a/src/sp_crypt.c
+++ b/src/sp_crypt.c
@@ -91,6 +91,8 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) {
   generate_key(key);
 
   decrypted = ecalloc(ZSTR_LEN(debase64) + crypto_secretbox_ZEROBYTES, 1);
+  char *backup = ecalloc(ZSTR_LEN(debase64), 1);
+  memcpy(backup, ZSTR_VAL(debase64), ZSTR_LEN(debase64));
 
   ret = crypto_secretbox_open(
       decrypted,
@@ -105,19 +107,25 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) {
           "Something went wrong with the decryption of %s. Using the cookie "
           "'as it' instead of decrypting it",
           hash_key ? ZSTR_VAL(hash_key->key) : "the session");
+      memcpy(ZSTR_VAL(debase64), backup, ZSTR_LEN(debase64));
+      efree(backup);
       return ZEND_HASH_APPLY_KEEP;
     } else {
       sp_log_msg("cookie_encryption", SP_LOG_WARN,
                  "Something went wrong with the decryption of %s",
                  hash_key ? ZSTR_VAL(hash_key->key) : "the session");
+      efree(backup);
       return ZEND_HASH_APPLY_REMOVE;
     }
   }
+  efree(backup);
 
   ZVAL_STRINGL(pDest, (char *)(decrypted + crypto_secretbox_ZEROBYTES),
                ZSTR_LEN(debase64) - crypto_secretbox_NONCEBYTES - 1 -
                    crypto_secretbox_ZEROBYTES);
 
+  zend_string_release(decrypted);
+
   return ZEND_HASH_APPLY_KEEP;
 }
 
-- 
cgit v1.3