Merge branch 'PHP-7.4'

cmb69 · cmb69 · commit 3b26a3868e06 · 2020-03-23T16:33:26.000+01:00
* PHP-7.4:
  Fix leak on Windows as well
diff --git a/ext/mysqlnd/mysqlnd_auth.c b/ext/mysqlnd/mysqlnd_auth.c
@@ -807,6 +807,7 @@ mysqlnd_sha256_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t server_pub
 	*/
 	if ((size_t) server_public_key_len <= passwd_len + 41) {
 		/* password message is to long */
+		BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
 		SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
 		DBG_ERR("password is too long");
 		DBG_RETURN(0);
@@ -816,6 +817,7 @@ mysqlnd_sha256_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t server_pub
 	ret = malloc(*auth_data_len);
 	if (BCryptEncrypt((BCRYPT_KEY_HANDLE) server_public_key, xor_str, passwd_len + 1, &padding_info,
 			NULL, 0, ret, server_public_key_len, &server_public_key_len, BCRYPT_PAD_OAEP)) {
+		BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
 		DBG_RETURN(0);
 	}
 	BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
@@ -1055,6 +1057,7 @@ mysqlnd_caching_sha2_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t serv
 	*/
 	if ((size_t) server_public_key_len <= passwd_len + 41) {
 		/* password message is to long */
+		BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
 		SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
 		DBG_ERR("password is too long");
 		DBG_RETURN(0);
@@ -1063,8 +1066,10 @@ mysqlnd_caching_sha2_public_encrypt(MYSQLND_CONN_DATA * conn, mysqlnd_rsa_t serv
 	*crypted = emalloc(server_public_key_len);
 	if (BCryptEncrypt((BCRYPT_KEY_HANDLE) server_public_key, xor_str, passwd_len + 1, &padding_info,
 			NULL, 0, *crypted, server_public_key_len, &server_public_key_len, BCRYPT_PAD_OAEP)) {
+		BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
 		DBG_RETURN(0);
 	}
+	BCryptDestroyKey((BCRYPT_KEY_HANDLE) server_public_key);
 	DBG_RETURN(server_public_key_len);
 }
 /* }}} */
