php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #29418 OpenSSL mysteriously makes PHP segfault
Submitted: 2004-07-28 05:26 UTC Modified: 2004-10-26 11:32 UTC
From: sartre at gmail dot com Assigned:
Status: Closed Package: OpenSSL related
PHP Version: 4.3.8 OS: Linux (Slackware 10.0)
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: sartre at gmail dot com
New email:
PHP Version: OS:

 

 [2004-07-28 05:26 UTC] sartre at gmail dot com 
Description:
------------
(using PHP 4.3.8 as the standalone executable, OpenSSL 0.9.7d)

I was writing a regression script for testing my script but when signing a certificate with a CA I stumbled upon an unending delay (self-signed first and then signed against the generated CA in the same script).

The PHP executable (I am not running apache) does not always reproduce the segfault.

The *error* (forced in the script):
The client uses the same private key as the CA.

PS: It's my first time using OpenSSL in PHP, and I do not understand most of it, but I didn't expect to get a segfault.


Reproduce code:
---------------
$key = openssl_pkey_new ();
$csr = openssl_csr_new ($dn, $key);
openssl_csr_export ($csr, $csr_exported);
$csr_signed = openssl_csr_sign ($csr, NULL, $key, 365);
openssl_x509_export ($csr_signed, $x509_exported);
openssl_pkey_export ($key, $key_exported, '');
$key_public = openssl_pkey_get_public ($x509_exported);
$struct = openssl_x509_parse ($x509_exported);
// set $dn to other value
$cert_ca = openssl_x509_read ($x509_exported);
$cert_cakey = openssl_pkey_get_private ($cert_client);
$client_csr = openssl_csr_new ($dn, $cert_cakey);
openssl_csr_export ($client_csr, $client_csr_exported);
// here!
openssl_csr_sign ($client_csr, $cert_ca, $cert_cakey, 365);

// (I cannot continue)


Expected result:
----------------
Segfault


Actual result:
--------------
#0  0x40536bff in mallopt () from /lib/libc.so.6
#1  0x40535a2f in free () from /lib/libc.so.6
#2  0x08189e7d in shutdown_memory_manager ()
#3  0x0816e470 in php_request_shutdown ()
#4  0x081a82c0 in main ()

(I expected to see any SSL function called)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-07-29 05:45 UTC] wez@php.net 
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.
 [2004-07-29 06:03 UTC] sartre at gmail dot com 
There's a backtrace in the 'actual result' field..

Mysteriously it did not contain *any* zend routine.

Whether this may or may not be a scripting bug, I (nor would any of we) didn't expect PHP to segfault (that's why I posted that).

Thanks!
 [2004-07-29 08:16 UTC] wez@php.net 
Read the instructions *carefully* on how to produce a useful backtrace with debugging information.
 [2004-08-13 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2004-10-26 11:35 UTC] wez@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Thanks to Kamesh Jayachandran and Netware.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Feb 01 19:01:32 2025 UTC