|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74099 Memory leak with openssl_encrypt()
Submitted: 2017-02-15 09:30 UTC Modified: -
From: marcel at webdisplay dot nl Assigned:
Status: Closed Package: OpenSSL related
PHP Version: 7.1.1 OS: macOS Sierra
Private report: No CVE-ID: None
 [2017-02-15 09:30 UTC] marcel at webdisplay dot nl
Encrypting an empty string in AES-256-GCM should return an empty string and valid tag but instead it returns 32 bytes of data from memory which could leak information.

Test script:
$aad = random_bytes(32);
$iv = random_bytes(16);
$key = random_bytes(32);

$plaintext = '';
$tag = null;

$ciphertext = openssl_encrypt($plaintext, 'aes-256-gcm', $key, \OPENSSL_RAW_DATA, $iv, $tag, $aad);

// $ciphertext should be an empty string but it is not in PHP 7.1.*
// Instead it returns random data from memory!
printf("ciphertext=%s, tag=%s", bin2hex($ciphertext), bin2hex($tag));

Expected result:
An empty string must be returned

Actual result:
A 32-byte string from memory is returned


Add a Patch

Pull Requests

Pull requests:

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2017-02-17 09:36 UTC] andrew dot nester dot dev at gmail dot com
Thanks for reporting this issue! Just added PR with fix for this.
 [2017-02-17 20:23 UTC]
Automatic comment on behalf of
Log: Fixed #74099 - Memory leak with openssl_encrypt()
 [2017-02-17 20:23 UTC]
-Status: Open +Status: Closed
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Apr 21 09:01:29 2024 UTC