ext/openssl: Reorder reneg rate-limit decay to avoid integer divide to zero

iliaal · iliaal · commit aee532f68a88 · 2026-05-14T10:02:55.000-04:00
php_openssl_limit_handshake_reneg() computes the bucket decay as
elapsed * (limit / window). Both operands are zend_long, so with the
documented defaults limit=2 and window=300 the inner division truncates
to 0 and the decay term collapses to 0 for every elapsed value. The
leaky bucket stops leaking and the cap fires after exactly limit
renegotiations regardless of how widely spaced in time, not "limit per
window seconds" as documented.

Compute the decay in double-precision floating point so user-controlled
reneg_limit and reneg_window values cannot trigger signed integer
overflow in elapsed_time * limit. Guard against window &lt;= 0 to keep the
divide well-defined under values the existing init handler does not
validate.
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
@@ -1131,7 +1131,9 @@ static void php_openssl_limit_handshake_reneg(const SSL *ssl) /* {{{ */
 
 	elapsed_time = (now.tv_sec - sslsock->reneg->prev_handshake);
 	sslsock->reneg->prev_handshake = now.tv_sec;
-	sslsock->reneg->tokens -= (elapsed_time * (sslsock->reneg->limit / sslsock->reneg->window));
+	if (sslsock->reneg->window > 0) {
+		sslsock->reneg->tokens -= ((double)elapsed_time * (double)sslsock->reneg->limit) / (double)sslsock->reneg->window;
+	}
 
 	if (sslsock->reneg->tokens < 0) {
 		sslsock->reneg->tokens = 0;
