php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #35496 Segfault in mcrypt_generic()
Submitted: 2005-11-30 19:15 UTC Modified: 2005-12-01 00:54 UTC
From: iblue at gmx dot net Assigned: ilia (profile)
Status: Closed Package: mcrypt related
PHP Version: 5.1.1 OS: Linux 2.6.14-iblue0
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: iblue at gmx dot net
New email:
PHP Version: OS:

 

 [2005-11-30 19:15 UTC] iblue at gmx dot net 
Description:
------------
php segfaults when executing the reproduce code.

Reproduce code:
---------------
<?php
  $x = "foobar";
  
  $td = mcrypt_module_open('rijndael-256', '', 'ofb', '');
  $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
  $ks = mcrypt_enc_get_key_size($td);

  $key = md5("foobar");
  
  $encrypted = mcrypt_generic($td, $x);
?>

Expected result:
----------------
No output and a clean exit.

Actual result:
--------------
(gdb) run -q bug.php
Starting program: /home/iblue/src/php-5.1.1/sapi/cli/php -q bug.php
[Thread debugging using libthread_db enabled]
[New Thread -1214781760 (LWP 17768)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1214781760 (LWP 17768)]
0xb7f22b70 in mcrypt_mutex_register () from /usr/lib/libmcrypt.so.4
(gdb) bt
#0  0xb7f22b70 in mcrypt_mutex_register () from /usr/lib/libmcrypt.so.4
#1  0xb7f20203 in mcrypt_enc_get_algorithms_name () from /usr/lib/libmcrypt.so.4
#2  0xb7f1f197 in mcrypt_generic () from /usr/lib/libmcrypt.so.4
#3  0x080ec88b in zif_mcrypt_generic (ht=2, return_value=0x84f17bc, return_value_ptr=0x0, this_ptr=0x0,
    return_value_used=1, tsrm_ls=0x83ed018) at /home/iblue/src/php-5.1.1/ext/mcrypt/mcrypt.c:489
#4  0x0825d2cd in zend_do_fcall_common_helper_SPEC (execute_data=0xbfacdc48, tsrm_ls=0x83ed018)
    at /home/iblue/src/php-5.1.1/Zend/zend_vm_execute.h:188
#5  0x082630bf in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xbfacdc48, tsrm_ls=0x83ed018)
    at /home/iblue/src/php-5.1.1/Zend/zend_vm_execute.h:1578
#6  0x0825cbfc in execute (op_array=0x84fc0ac, tsrm_ls=0x83ed018) at /home/iblue/src/php-5.1.1/Zend/zend_vm_execute.h:88#7  0x08238816 in zend_execute_scripts (type=8, tsrm_ls=0x83ed018, retval=0x0, file_count=3)
    at /home/iblue/src/php-5.1.1/Zend/zend.c:1090
#8  0x081fc32b in php_execute_script (primary_file=0xbfacffe4, tsrm_ls=0x83ed018)
    at /home/iblue/src/php-5.1.1/main/main.c:1704
#9  0x082e26ca in main (argc=3, argv=0xbfad0084) at /home/iblue/src/php-5.1.1/sapi/cli/php_cli.c:1039

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-11-30 21:31 UTC] iliaa@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

The problem is due to you attempting to encrypt a string without calling mcrypt_generic_init() function first.
 [2005-11-30 21:50 UTC] iblue at gmx dot net 
You are right, I have not read the manual and thought this 
would be a "real" bug.
But, in my opinion, when php crashes it is a bug, regardless 
of what I did.

It would be nice to have a warning or an error instead of a 
segfault.
 [2005-11-30 21:57 UTC] tony2001@php.net 
After a short discussion we decided to work around this segfault.
Assigned to Ilia, he's working on the patch.
 [2005-12-01 00:54 UTC] iliaa@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Oct 25 01:00:01 2025 UTC