php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #59297 Segv with "new OAuthProvider()" by Authorization header
Submitted: 2010-07-07 12:54 UTC Modified: 2010-07-09 10:20 UTC
From: php at kotas dot jp Assigned:
Status: Closed Package: oauth (PECL)
PHP Version: 5.3.2 OS: CentOS/Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: php at kotas dot jp
New email:
PHP Version: OS:

 

 [2010-07-07 12:54 UTC] php at kotas dot jp
Description:
------------
Hi.

I tried to write a 2-legged OAuth provider and its consumer 
with oauth 1.0.0 (stable) and found that a segmentation 
fault occurs within "new OAuthProvider()" when
"Authorization: OAuth ..." header exists in the request 
header.

I put the two php files in the reproduce code below in 
"http://localhost/",
and opened "http://localhost/consumer.php" in the browser.
Then, Apache's child process dies with Segmentation fault 
signal.

Reproduced in:
- CentOS 5.5 (Linux 2.6 x86_64) + Apache 2.2.3 + PHP 5.3.2
- Mac OS X 10.6.4 + Apache 2.2.15 + PHP 5.3.2

Reproduce code:
---------------
consumer.php:
<?php
try {
    $oauth = new OAuth('key', 'secret',
                       OAUTH_SIG_METHOD_HMACSHA1,
                       OAUTH_AUTH_TYPE_AUTHORIZATION);
    $oauth->fetch('http://localhost/provider.php', array(),
                  OAUTH_HTTP_METHOD_GET);
    echo $oauth->getLastResponse();
} catch (OAuthException $e) {
    echo $e->getMessage() . "\n";
}
?>

provider.php:
<?php
new OAuthProvider();
echo "OK\n";
?>

Expected result:
----------------
OK

Actual result:
--------------
making the request failed (server returned nothing (no 
headers, no data))

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-07-07 16:11 UTC] jawed@php.net
Can you please provide a backtrace?

http://bugs.php.net/bugs-generating-backtrace.php

- JJ
 [2010-07-08 05:47 UTC] php at kotas dot jp
To JJ

Thank you for your reply. Here's the backtrace...

#0  _zend_mm_free_int (heap=0x2abbcf3979a0, 
p=0x2abbcf4edd90) at /root/src/php-
5.3.2/Zend/zend_alloc.c:2018
#1  0x00002abbc4b4bafd in _zval_dtor (pce=0x2abbcf533800, 
    subject=0x2abbcf4edeed " 
oauth_consumer_key=\"key\",oauth_signature_method=\"HMAC-
SHA1\",oauth_nonce=\"4099001454c359de62ebb58.96756518\",oaut
h_timestamp=\"1278582246\",oauth_version=\"1.0\",oauth_signa
ture=\"q9p9QtILjOPuKww4JqiLTa%2F8"..., subject_len=206, 
    return_value=0x2abbcf4edb28, subpats=0x2abbcf4ede50, 
global=1, use_flags=1, flags=2, start_offset=0)
    at /root/src/php-5.3.2/Zend/zend_variables.h:35
#2  php_pcre_match_impl (pce=0x2abbcf533800, 
    subject=0x2abbcf4edeed " 
oauth_consumer_key=\"key\",oauth_signature_method=\"HMAC-
SHA1\",oauth_nonce=\"4099001454c359de62ebb58.96756518\",oaut
h_timestamp=\"1278582246\",oauth_version=\"1.0\",oauth_signa
ture=\"q9p9QtILjOPuKww4JqiLTa%2F8"..., subject_len=206, 
    return_value=0x2abbcf4edb28, subpats=0x2abbcf4ede50, 
global=1, use_flags=1, flags=2, start_offset=0)
    at /root/src/php-5.3.2/ext/pcre/php_pcre.c:542
#3  0x00002abbc99236de in oauth_provider_parse_auth_header 
(ht=<value optimized out>, return_value=<value optimized 
out>, 
    return_value_ptr=<value optimized out>, 
this_ptr=0x2abbcf4ec668, return_value_used=<value optimized 
out>)
    at /tmp/pear/temp/oauth/provider.c:229
#4  zim_oauthprovider___construct (ht=<value optimized out>, 
return_value=<value optimized out>, return_value_ptr=<value 
optimized out>, 
    this_ptr=0x2abbcf4ec668, return_value_used=<value 
optimized out>) at /tmp/pear/temp/oauth/provider.c:509
#5  0x00002abbc4cca989 in zend_do_fcall_common_helper_SPEC 
(execute_data=0x2abbc9fa7050)
    at /root/src/php-5.3.2/Zend/zend_vm_execute.h:313
#6  0x00002abbc4ca12be in execute (op_array=0x2abbcf4ec330) 
at /root/src/php-5.3.2/Zend/zend_vm_execute.h:104
#7  0x00002abbc4c7dd69 in zend_execute_scripts (type=8, 
retval=0x0, file_count=3) at /root/src/php-
5.3.2/Zend/zend.c:1194
#8  0x00002abbc4c2c7c8 in php_execute_script 
(primary_file=0x7fff042c3880) at /root/src/php-
5.3.2/main/main.c:2260
#9  0x00002abbc4d0507d in php_handler (r=0x2abbcf52d2b8) at 
/root/src/php-5.3.2/sapi/apache2handler/sapi_apache2.c:655
#10 0x00002abbba1c1a4a in ap_run_handler ()
#11 0x00002abbba1c4ec2 in ap_invoke_handler ()
#12 0x00002abbba1cf918 in ap_process_request ()
#13 0x00002abbba1ccb50 in ?? ()
#14 0x00002abbba1c8cb2 in ap_run_process_connection ()
#15 0x00002abbba1d3769 in ?? ()
#16 0x00002abbba1d3969 in ?? ()
#17 0x00002abbba1d4487 in ap_mpm_run ()
#18 0x00002abbba1aee48 in main ()
 [2010-07-09 09:20 UTC] datibbaw@php.net
Please try the trunk version, made a minor fix that should work for you.
 [2010-07-09 10:20 UTC] php at kotas dot jp
I have confirmed it's fixed in trunk, both in CentOS and Mac 
OS X.

Thank you so much for your work!
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 12:01:31 2024 UTC