php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #66952 memory leak in openssl_open()
Submitted: 2014-03-25 04:30 UTC Modified: 2014-04-14 20:48 UTC
From: chuanm at gmail dot com Assigned: stas (profile)
Status: Closed Package: OpenSSL related
PHP Version: 5.4.26 OS: centos 6.4
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: chuanm at gmail dot com
New email:
PHP Version: OS:

 

 [2014-03-25 04:30 UTC] chuanm at gmail dot com 
Description:
------------
This bug is related to https://bugs.php.net/bug.php?id=66942, where openssl_seal() has memory leak. I've got a pull request for the other bug and will provide one for this bug.

### Compiled with:

./configure --with-openssl --with-openssl-dir=/usr/lib64/openssl

### create keys
openssl genrsa -out privkey.pem 2048
openssl rsa -pubout -in privkey.pem -out pubkey.pem

Test script:
---------------
<?php
$data = 'this is test data!??!';
$cert = <<<ABC
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDnic0B5wZsfox3L1sGPGOGkeqR
3zHpIC3q7DUHGJ5XJf9rD6EeLro2QFqo/nd2UVCrJw99163UpIXt0a2H0XfKvyqu
bMkpkZ6/z74NEzVLzKV9KOokFhXsVzzifOQwgnKTUsq8w4iRUbtaUEHKwBMsP5W7
MkCbiKUk5vWF2nTntwIDAQAB
-----END PUBLIC KEY-----
ABC;
$pk1 = openssl_get_publickey($cert);
$privkey_cert = <<<ABC
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQDnic0B5wZsfox3L1sGPGOGkeqR3zHpIC3q7DUHGJ5XJf9rD6Ee
Lro2QFqo/nd2UVCrJw99163UpIXt0a2H0XfKvyqubMkpkZ6/z74NEzVLzKV9KOok
FhXsVzzifOQwgnKTUsq8w4iRUbtaUEHKwBMsP5W7MkCbiKUk5vWF2nTntwIDAQAB
AoGAZ8T+uGeOHXnqAlCa/wR5poonExFxEQZ3Dd6nNXL3JB/HhXgPwbM3ibD18N97
Mu/ms45iBwhuw+qoi5l5qHFcugr6SBVjG4n3IKQUj7lEpeQKW23hkNc0b2RIbno+
GnD30OLU4k57TpK+HmCCsqKs5hBwXjUnivdKlNoI5zb0EMECQQD6aSurVqLEJtPk
bBY6HXr1YsRh5vgBRsuxK9dQTTelRUD+H36C0FChMyqzOCTWMbb1YIg1jIUzD6Kl
Cedt9YWPAkEA7LTLPS8GAkNKVeLkWsfY2ndD4RTS9uKpwleVI5/1+notvHnVCpkc
WCXcuIkLoduGZWE+PBHDcJ/Tui7S9rx3WQJAQEKQ9E0tQ8z6/1lFcvBxx1rrLnyJ
FDrIttSbUn4eU4ksHoqSeptetZ9dy9QSj+z+GIYHLka7P9k5UcTy4OLqvQJAT247
5UQqWAgModWJm40EkAsFlDpQsNhO7xBE07eR64OkZWLcwrmucUYDU0lpxd7Msqh3
IeE0HE8F1axwzqtfwQJAXJ9CCgQLyFPaUcTqml9otU+xObr7PEzKK9G2+ouJHxg1
3D/5j1+qGjSV3pixovKhljG9g/EGE1eF91D/Qo8a1g==
-----END RSA PRIVATE KEY-----
ABC;
$privkey = openssl_pkey_get_private($privkey_cert);
openssl_seal($data, $sealed, $ekeys, array($pk1));
openssl_open($sealed, $plainText, $ekeys[0], $privkey);
var_dump($plainText === $data);


Expected result:
----------------
valgrind run should not complain about memory leak.


Actual result:
--------------
bash-4.1# valgrind --leak-check=full php openssl.php
==23477== Memcheck, a memory error detector
==23477== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==23477== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==23477== Command: php openssl.php
==23477==
bool(true)
==23477==
==23477== HEAP SUMMARY:
==23477==     in use at exit: 85,681 bytes in 2,705 blocks
==23477==   total heap usage: 15,591 allocs, 12,886 frees, 3,247,930 bytes allocated
==23477==
==23477== 1,032 bytes in 1 blocks are definitely lost in loss record 64 of 88
==23477==    at 0x4C279EE: malloc (vg_replace_malloc.c:270)
==23477==    by 0x614AB2D: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.1e)
==23477==    by 0x61CA808: EVP_CipherInit_ex (in /usr/lib64/libcrypto.so.1.0.1e)
==23477==    by 0x45E50B: zif_openssl_seal (openssl.c:4318)
==23477==    by 0x6FD499: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:643)
==23477==    by 0x6F189F: execute (zend_vm_execute.h:410)
==23477==    by 0x68BA3D: zend_execute_scripts (zend.c:1315)
==23477==    by 0x6318DD: php_execute_script (main.c:2502)
==23477==    by 0x731DC2: do_cli (php_cli.c:989)
==23477==    by 0x7324B3: main (php_cli.c:1365)
==23477==
==23477== 1,032 bytes in 1 blocks are definitely lost in loss record 65 of 88
==23477==    at 0x4C279EE: malloc (vg_replace_malloc.c:270)
==23477==    by 0x614AB2D: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.1e)
==23477==    by 0x61CA808: EVP_CipherInit_ex (in /usr/lib64/libcrypto.so.1.0.1e)
==23477==    by 0x61D0B7C: EVP_SealInit (in /usr/lib64/libcrypto.so.1.0.1e)
==23477==    by 0x45E62D: zif_openssl_seal (openssl.c:4331)
==23477==    by 0x6FD499: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:643)
==23477==    by 0x6F189F: execute (zend_vm_execute.h:410)
==23477==    by 0x68BA3D: zend_execute_scripts (zend.c:1315)
==23477==    by 0x6318DD: php_execute_script (main.c:2502)
==23477==    by 0x731DC2: do_cli (php_cli.c:989)
==23477==    by 0x7324B3: main (php_cli.c:1365)
==23477==
==23477== 1,032 bytes in 1 blocks are definitely lost in loss record 66 of 88
==23477==    at 0x4C279EE: malloc (vg_replace_malloc.c:270)
==23477==    by 0x614AB2D: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.1e)
==23477==    by 0x61CA808: EVP_CipherInit_ex (in /usr/lib64/libcrypto.so.1.0.1e)
==23477==    by 0x61D09AF: EVP_OpenInit (in /usr/lib64/libcrypto.so.1.0.1e)
==23477==    by 0x45E148: zif_openssl_open (openssl.c:4421)
==23477==    by 0x6FD499: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:643)
==23477==    by 0x6F189F: execute (zend_vm_execute.h:410)
==23477==    by 0x68BA3D: zend_execute_scripts (zend.c:1315)
==23477==    by 0x6318DD: php_execute_script (main.c:2502)
==23477==    by 0x731DC2: do_cli (php_cli.c:989)
==23477==    by 0x7324B3: main (php_cli.c:1365)
==23477==
==23477== LEAK SUMMARY:
==23477==    definitely lost: 3,096 bytes in 3 blocks
==23477==    indirectly lost: 0 bytes in 0 blocks
==23477==      possibly lost: 0 bytes in 0 blocks
==23477==    still reachable: 82,585 bytes in 2,702 blocks
==23477==         suppressed: 0 bytes in 0 blocks
==23477== Reachable blocks (those to which a pointer was found) are not shown.
==23477== To see them, rerun with: --leak-check=full --show-reachable=yes
==23477==
==23477== For counts of detected and suppressed errors, rerun with: -v
==23477== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 6 from 6)

Patches

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-04-14 20:48 UTC] stas@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: stas
 [2014-04-14 20:48 UTC] stas@php.net 
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

fixed together with bug #66952
 [2014-04-14 20:48 UTC] stas@php.net 
Related To: Bug #66952
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 12:01:29 2024 UTC