|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2012-10-17 09:20 UTC] ab@php.net
Description:
------------
The test below fails on Windows
Test script:
---------------
ext\phar\tests\tar\phar_setsignaturealgo2.phpt
Expected result:
----------------
test Pass
Actual result:
--------------
There are several popups with the following messages when runnign on a debug build:
Run-Time Check Failure #2 - Stack around the variable 'data_len' was corrupted
Run-Time Check Failure #2 - Stack around the variable 'md_ctx' was corrupted
After the test has run, it's marked as passed though.
On a release build here's the diff
031+ phar error: unable to write signature to tar-based phar: unable to write phar "C:/php-sdk/php-test-pack-5.3-nts-windows-vc9-x86-r5d9fb8f/ext/phar/tests/tar/phar_setsignaturealgo2.phar.tar" with requested openssl signature===DONE===
031- array(2) {
032- ["hash"]=>
033- string(%d) "%s"
034- ["hash_type"]=>
035- string(7) "OpenSSL"
036- }
037- ===DONE===
Patchesbug63297 (last revision 2012-10-17 09:22 UTC by ab@php.net)Pull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu Nov 21 11:01:29 2024 UTC |
I've tried with the following snippet: ============= START SNIPPET ================ #include <stdlib.h> #include <openssl/evp.h> #include <openssl/pem.h> #include <openssl/rsa.h> int main(int argc, char *argv[]) { EVP_MD_CTX *mdctx = NULL; unsigned char sign_value[1024]; int sign_len, i; EVP_PKEY *pkey = NULL; RSA *rpkey = NULL; FILE *rpkey_file; mdctx = EVP_MD_CTX_create(); rpkey_file = fopen("./rsa.key", "r"); if (!rpkey_file) { return 3; } PEM_read_RSAPrivateKey(rpkey_file, &rpkey, NULL, NULL); pkey = EVP_PKEY_new(); EVP_PKEY_set1_RSA(pkey, rpkey); EVP_SignInit_ex(mdctx, EVP_sha1(), NULL); EVP_SignUpdate(mdctx, "abracadabra0", strlen("abracadabra0")); EVP_SignUpdate(mdctx, "abracadabra1", strlen("abracadabra1")); EVP_SignUpdate(mdctx, "abracadabra2", strlen("abracadabra2")); EVP_SignUpdate(mdctx, "abracadabra3", strlen("abracadabra3")); EVP_SignUpdate(mdctx, "abracadabra4", strlen("abracadabra4")); EVP_SignFinal(mdctx, sign_value, (unsigned int *)&sign_len, pkey); sign_value[sign_len] = '\0'; EVP_MD_CTX_destroy(mdctx); printf("Signature is: "); for(i = 0; i < sign_len; i++) { printf("%02x", sign_value[i]); } printf("\n"); fclose(rpkey_file); return 0; } ============= END SNIPPET ================ It does the same thing as the code in the phar extension producing a signature. Running that with valgrind gives a bunch of messages about openssl. After reading the openssl wiki http://www.openssl.org/support/faq.html#PROG13 I think the actual issue here is that no cleanup is performed on openssl, but that's a more global issue. Thus, there is no clean run with or without the patch using valgrind. But the patch fixes the test run on windows, so i think it's worth to apply it.