Merge branch 'PHP-8.2'

adoy · adoy · commit c790373f8af7 · 2023-06-06T18:10:49.000-04:00
* PHP-8.2: Update NEWS Update NEWS Update NEWS Fix phpGH-11382 add missing hash header for bin2hex Fix missing randomness check and insufficient random bytes for SOAP HTTP Digest
diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c
@@ -20,6 +20,7 @@
 #include "ext/standard/base64.h"
 #include "ext/standard/md5.h"
 #include "ext/random/php_random.h"
+#include "ext/hash/php_hash.h"
 
 static char *get_http_header_value_nodup(char *headers, char *type, size_t *len);
 static char *get_http_header_value(char *headers, char *type);
@@ -657,18 +658,23 @@ int make_http_soap_request(zval        *this_ptr,
 			has_authorization = 1;
 			if (Z_TYPE_P(digest) == IS_ARRAY) {
 				char          HA1[33], HA2[33], response[33], cnonce[33], nc[9];
-				zend_long     nonce;
+				unsigned char nonce[16];
 				PHP_MD5_CTX   md5ctx;
 				unsigned char hash[16];
 
-				php_random_bytes_throw(&nonce, sizeof(nonce));
-				nonce &= 0x7fffffff;
+				if (UNEXPECTED(php_random_bytes_throw(&nonce, sizeof(nonce)) != SUCCESS)) {
+					ZEND_ASSERT(EG(exception));
+					php_stream_close(stream);
+					convert_to_null(Z_CLIENT_HTTPURL_P(this_ptr));
+					convert_to_null(Z_CLIENT_HTTPSOCKET_P(this_ptr));
+					convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr));
+					smart_str_free(&soap_headers_z);
+					smart_str_free(&soap_headers);
+					return FALSE;
+				}
 
-				PHP_MD5Init(&md5ctx);
-				snprintf(cnonce, sizeof(cnonce), ZEND_LONG_FMT, nonce);
-				PHP_MD5Update(&md5ctx, (unsigned char*)cnonce, strlen(cnonce));
-				PHP_MD5Final(hash, &md5ctx);
-				make_digest(cnonce, hash);
+				php_hash_bin2hex(cnonce, nonce, sizeof(nonce));
+				cnonce[32] = 0;
 
 				if ((tmp = zend_hash_str_find(Z_ARRVAL_P(digest), "nc", sizeof("nc")-1)) != NULL &&
 					Z_TYPE_P(tmp) == IS_LONG) {
