Skip to content

Commit c2eafc2

Browse files
committed
Fix #81714: segfault when serializing finalized HashContext
We must not allow to serialize already finalized `HashContext`s, since the internal context is already freed. Since there is not much point in serializing finalized `HashContext`s, we just bail out in that case. Closes GH-8265.
1 parent 43f3745 commit c2eafc2

File tree

3 files changed

+20
-0
lines changed

3 files changed

+20
-0
lines changed

NEWS

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,9 @@ PHP NEWS
1818
- Filter:
1919
. Fixed signedness confusion in php_filter_validate_domain(). (cmb)
2020

21+
- Hash:
22+
. Fixed bug #81714 (segfault when serializing finalized HashContext). (cmb)
23+
2124
- Intl:
2225
. Fixed bug GH-8142 (Compilation error on cygwin). (David Carlier)
2326

ext/hash/hash.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -227,6 +227,9 @@ PHP_HASH_API int php_hash_serialize_spec(const php_hashcontext_object *hash, zva
227227
size_t pos = 0, max_alignment = 1;
228228
unsigned char *buf = (unsigned char *) hash->context;
229229
zval tmp;
230+
if (buf == NULL) {
231+
return FAILURE;
232+
}
230233
array_init(zv);
231234
while (*spec != '\0' && *spec != '.') {
232235
char spec_ch = *spec;

ext/hash/tests/bug81714.phpt

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
--TEST--
2+
Bug #81714 (segfault when serializing finalized HashContext)
3+
--FILE--
4+
<?php
5+
$h = hash_init('md5');
6+
hash_final($h);
7+
try {
8+
serialize($h);
9+
} catch (Exception $ex) {
10+
var_dump($ex->getMessage());
11+
}
12+
?>
13+
--EXPECTF--
14+
string(52) "HashContext for algorithm "md5" cannot be serialized"

0 commit comments

Comments
 (0)