Skip to content

Commit da5e12c

Browse files
committed
PHPC-2149: Ensure masterKey bson_t is freed in createDataKey()
1 parent 24c3ccd commit da5e12c

File tree

2 files changed

+34
-0
lines changed

2 files changed

+34
-0
lines changed

src/MongoDB/ClientEncryption.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -756,10 +756,12 @@ static mongoc_client_encryption_datakey_opts_t* phongo_clientencryption_datakey_
756756

757757
php_phongo_zval_to_bson(php_array_fetchc(options, "masterKey"), PHONGO_BSON_NONE, &masterkey, NULL);
758758
if (EG(exception)) {
759+
bson_destroy(&masterkey);
759760
goto cleanup;
760761
}
761762

762763
mongoc_client_encryption_datakey_opts_set_masterkey(opts, &masterkey);
764+
bson_destroy(&masterkey);
763765
}
764766

765767
return opts;

tests/clientEncryption/bug2149.phpt

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
--TEST--
2+
MongoDB\Driver\ClientEncryption::createDataKey() may leak "masterKey" option
3+
--SKIPIF--
4+
<?php require __DIR__ . "/../utils/basic-skipif.inc"; ?>
5+
<?php skip_if_not_libmongocrypt(); ?>
6+
<?php skip_if_not_live(); ?>
7+
<?php skip_if_server_version('<', '4.2'); ?>
8+
<?php skip_if_not_clean(CSFLE_KEY_VAULT_DATABASE_NAME, CSFLE_KEY_VAULT_COLLECTION_NAME);
9+
--FILE--
10+
<?php
11+
12+
require_once __DIR__ . "/../utils/basic.inc";
13+
14+
$manager = create_test_manager();
15+
16+
$clientEncryption = $manager->createClientEncryption([
17+
'keyVaultNamespace' => CSFLE_KEY_VAULT_NS,
18+
'kmsProviders' => ['local' => ['key' => new MongoDB\BSON\Binary(CSFLE_LOCAL_KEY, 0)]],
19+
]);
20+
21+
/* The "local" provider does not support a "masterKey" option, but this is
22+
* sufficient to grow the stack-allocated bson_t and test for a possible leak. */
23+
throws(function () use ($clientEncryption) {
24+
$clientEncryption->createDataKey('local', ['masterKey' => ['foo' => str_repeat('a', 4096)]]);
25+
}, MongoDB\Driver\Exception\EncryptionException::class);
26+
27+
?>
28+
===DONE===
29+
<?php exit(0); ?>
30+
--EXPECT--
31+
OK: Got MongoDB\Driver\Exception\EncryptionException
32+
===DONE===

0 commit comments

Comments
 (0)