|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2013-03-05 07:55 UTC] nicolyon at free dot fr
Description: ------------ When accepting a connection from a SSL socket with openssl >= 1.0.1d PHP crash. When using openssl 1.0.1c or lower there's no crash. Here the stack : #0 0x00007f2f58eafd1a in ssl_set_cert_masks () from /usr/lib/libssl.so.1.0.0 #1 0x00007f2f58eb0596 in ssl_get_server_send_pkey () from /usr/lib/libssl.so.1.0.0 #2 0x00007f2f58eb0689 in ssl_get_server_send_cert () from /usr/lib/libssl.so.1.0.0 #3 0x00007f2f4c84bf23 in php_SSL_new_from_context () from /usr/lib/php/extensions/openssl.so #4 0x00007f2f4c84d5b9 in php_openssl_sockop_set_option () from /usr/lib/php/extensions/openssl.so #5 0x00000000006247cc in _php_stream_set_option () #6 0x000000000062fe9e in php_stream_xport_crypto_setup () #7 0x00007f2f4c84d294 in php_openssl_sockop_set_option () from /usr/lib/php/extensions/openssl.so #8 0x00000000006247cc in _php_stream_set_option () #9 0x000000000062fcb9 in php_stream_xport_accept () #10 0x00000000005c9e9c in zif_stream_socket_accept () Test script: --------------- $context = stream_context_create(); $errno = 0; $errstr = ""; $s = stream_socket_server( "ssl://127.0.0.1:800", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $context ); do just telnet localhost 800 for crash Expected result: ---------------- no crash Actual result: -------------- segfault PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sat May 03 17:01:27 2025 UTC |
Same problem happens with PHP 5.4.14 OpenSSL 1.0.1e GDB bt: #0 0x00007f8493d2300a in ssl_set_cert_masks () from /usr/local/ssl/lib/libssl.so.1.0.0 #1 0x00007f8493d23886 in ssl_get_server_send_pkey () from /usr/local/ssl/lib/libssl.so.1.0.0 #2 0x00007f8493d23979 in ssl_get_server_send_cert () from /usr/local/ssl/lib/libssl.so.1.0.0 #3 0x000000000047880b in php_SSL_new_from_context (ctx=0x1504f80, stream=stream@entry=0x7f8495ef7c98) at /usr/local/sorgenti/src/php-5.4.14/ext/openssl/openssl.c:4574 #4 0x0000000000479e2c in php_openssl_setup_crypto (sslsock=0x7f8495ef7c20, stream=0x7f8495ef7c98, cparam=<optimized out>) at /usr/local/sorgenti/src/php-5.4.14/ext/openssl/xp_ssl.c:410 #5 php_openssl_sockop_set_option (stream=0x7f8495ef7c98, option=<optimized out>, value=<optimized out>, ptrparam=0x7fff88da47b0) at /usr/local/sorgenti/src/php-5.4.14/ext/openssl/xp_ssl.c:755 #6 0x000000000071fe4c in _php_stream_set_option (stream=stream@entry=0x7f8495ef7c98, option=option@entry=8, value=value@entry=0, ptrparam=ptrparam@entry=0x7fff88da47b0) at /usr/local/sorgenti/src/php-5.4.14/main/streams/streams.c:1358 #7 0x000000000072a487 in php_stream_xport_crypto_setup (stream=stream@entry=0x7f8495ef7c98, crypto_method=<optimized out>, session_stream=<optimized out>) at /usr/local/sorgenti/src/php-5.4.14/main/streams/transports.c:364 #8 0x00000000006cdea7 in zif_stream_socket_enable_crypto (ht=<optimized out>, return_value=0x7f8495ef9b00, return_value_ptr=<optimized out>, this_ptr=<optimized out>, return_value_used=<optimized out>) at /usr/local/sorgenti/src/php-5.4.14/ext/standard/streamsfuncs.c:1506 #9 0x0000000000808af0 in zend_do_fcall_common_helper_SPEC (execute_data=0x7f8495ec4288) at /usr/local/sorgenti/src/php-5.4.14/Zend/zend_vm_execute.h:643 #10 0x00000000007c45ec in execute (op_array=0x1504e30) at /usr/local/sorgenti/src/php-5.4.14/Zend/zend_vm_execute.h:410 #11 0x0000000000767790 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3) at /usr/local/sorgenti/src/php-5.4.14/Zend/zend.c:1315 #12 0x0000000000709d99 in php_execute_script (primary_file=primary_file@entry=0x7fff88da6db0) at /usr/local/sorgenti/src/php-5.4.14/main/main.c:2492 #13 0x000000000080b111 in do_cli (argc=60, argv=0x7fff88da8218) at /usr/local/sorgenti/src/php-5.4.14/sapi/cli/php_cli.c:988 #14 0x00000000004382f5 in main (argc=60, argv=0x7fff88da8218) at /usr/local/sorgenti/src/php-5.4.14/sapi/cli/php_cli.c:1364 Test script: --------------- FTP login (SSL) [ext/ftp/tests/002.phpt] Expected result: ---------------- no crash Actual result: -------------- segfault