[2009-10-01 16:17 UTC] terrafrost@php.net
Description:
------------
In bug # 41252, it was observed that, in PHP4, calling mcrypt_generic() before calling mcrypt_module_open() would cause PHP4 to crash. PHP5 apparently had extra checks to protect against this that were backported. These extra checks, however, do not appear to be sufficient, as the following reproduce code demonstrates.
Sure, calling mcrypt_generic_deinit() before calling mcrypt_generic is probably not something you ought to be doing, anyway, but I still don't think it ought to crash PHP.
Reproduce code:
---------------
<?php
$td = mcrypt_module_open(MCRYPT_DES, '', MCRYPT_MODE_ECB, '');
mcrypt_generic_init($td, 'aaaaaaaa', 'aaaaaaaa');
mcrypt_generic_deinit($td);
echo mcrypt_generic($td, 'aaaaaaaa');
?>
Expected result:
----------------
Warning: mcrypt_generic(): Operation disallowed prior to
mcrypt_generic_init() in {filename} on line 5
Actual result:
--------------
It crashes.
Thanks for reporting this issue. I was able to reproduce this, and here is the back trace:

current thread: t@1
  [1] permute_ip(0x8c6fa70, 0x0, 0x8046588, 0xfeeec5ea), at 0xfeeeca3e
  [2] des_LTX__mcrypt_encrypt(0x0, 0x8c6fa70, 0x0, 0xfeef00b2), at 0xfeeec603
  [3] ecb_LTX__mcrypt(0x0, 0x8c6fa70, 0x8, 0x8, 0x0, 0xfeeec5dc, 0xfeeec7dc, 0xfeee6732), at 0xfeef0153
  [4] mcrypt(0x8dfcd20, 0x0, 0x8c6fa70, 0x8, 0x8046678), at 0xfeee676f
=>[5] mcrypt_generic(0x8dfcd20, 0x8c6fa70, 0x8), at 0xfeee50a0
  [6] zif_mcrypt_generic(ht = 2, return_value = 0x8c6f938, return_value_ptr = (nil), this_ptr = (nil), return_value_used = 1), line 682 in "mcrypt.c"
  [7] zend_do_fcall_common_helper_SPEC(execute_data = 0x8dfcf60), line 313 in "zend_vm_execute.h"
  [8] ZEND_DO_FCALL_SPEC_CONST_HANDLER(execute_data = 0x8dfcf60), line 1602 in "zend_vm_execute.h"
  [9] execute(op_array = 0x8c6f098), line 104 in "zend_vm_execute.h"
  [10] zend_execute_scripts(type = 8, retval = (nil), file_count = 3, ... = (nil), ...), line 1188 in "zend.c"
  [11] php_execute_script(primary_file = 0x8047140), line 2214 in "main.c"
  [12] main(argc = 2, argv = 0x80471bc), line 1190 in "php_cli.c"

Here is why this issue is happening: when mcrypt_generic_deinit is invoked, we should set init = 0 so that the next request of mcrypt_generic will force the user to invoke generic_init again.

Here is a patch that can address this bug:

[sriramn@sriramn]'PHP_5_3'>svn diff Index: ext/mcrypt/mcrypt.c =================================================================== --- ext/mcrypt/mcrypt.c (revision 289068) +++ ext/mcrypt/mcrypt.c (working copy) @@ -780,6 +780,7 @@ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not terminate encryption specifier"); RETURN_FALSE } + pm->init = 0; RETURN_TRUE } /* }}} */
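
Review bot: `pm->init = 0;` in the hunk at line 780 of ext/mcrypt/mcrypt.c is reached only on the success path, so when the branch above it emits "Could not terminate encryption specifier" and leaves via RETURN_FALSE the flag stays set, and a later mcrypt_generic() on that descriptor would not be stopped by the init check. Consider clearing the flag before the error branch, or in both branches, unless a failed deinit is known to leave the descriptor usable. A regression test built from the reproduce script in this report, expecting the "Operation disallowed prior to mcrypt_generic_init()" warning instead of a crash, would keep the fix from regressing.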