Edit report at https://bugs.php.net/bug.php?id=60895&edit=1
ID: 60895 Comment by: root at ihack dot net Reported by: root at ihack dot net Summary: null pointer dereference in php_win32_free_rng_lock() Status: Open Type: Bug Package: Unknown/Other Function Operating System: Windows Server 2008 R2 x64 PHP Version: 5.3.9 Block user comment: N Private report: N New Comment: BTW, this bug was introduced in revision 312201, during the 5.3.7 release cycle. Previous Comments: ------------------------------------------------------------------------ [2012-01-26 19:45:21] root at ihack dot net Description: ------------ If php_win32_get_random_bytes() has never been called, then this line of code: + CryptReleaseContext(hCryptProv, 0); passes a null pointer, resulting in a C0000005 exception in CryptReleaseContext(). This line should be preceded by: if (has_crypto_ctx) This was specifically tested with the windows.php.net 32-bit TS build running on 64-bit Windows. I do not know how it behaves in other configurations. Test script: --------------- I do not have a short test case, but the bug is pretty obvious. ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=60895&edit=1