Permalink
Browse files

- fix #60895, possible invalid handler usage

  • Loading branch information...
1 parent 07cf07d commit d54710ae2f30d15c7f272c8311c4267b458d0df5 @pierrejoye pierrejoye committed Jan 27, 2012
Showing with 11 additions and 4 deletions.
  1. +7 −2 NEWS
  2. +4 −2 win32/winutil.c
View
9 NEWS
@@ -1,8 +1,13 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? Jan 2012, PHP 5.4.0 RC 7
-- Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
- CVE-2011-3389. (Scott)
+- Core:
+ . Fix bug #60895 (Possible invalid handler usage in windows random
+ functions). (Pierre)
+
+- OpenSSL:
+ . Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
+ CVE-2011-3389. (Scott)
19 Jan 2012, PHP 5.4.0 RC6
View
@@ -62,8 +62,10 @@ void php_win32_init_rng_lock()
void php_win32_free_rng_lock()
{
tsrm_mutex_lock(php_lock_win32_cryptoctx);
- CryptReleaseContext(hCryptProv, 0);
- has_crypto_ctx = 0;
+ if (has_crypto_ctx == 1) {
+ CryptReleaseContext(hCryptProv, 0);
+ has_crypto_ctx = 0;
+ }
tsrm_mutex_unlock(php_lock_win32_cryptoctx);
tsrm_mutex_free(php_lock_win32_cryptoctx);

0 comments on commit d54710a

Please sign in to comment.