PHP :: Bug #26580 :: PHP and/or Apache/IIS crashes on trying to submit data

Bug #26580

PHP and/or Apache/IIS crashes on trying to submit data

Submitted:

2003-12-10 07:55 UTC

Modified:

2003-12-10 09:07 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

tauras dot paliulis at tauras dot com

Assigned:

Status:

Wont fix

Package:

COM related

PHP Version:

4.3.4

OS:

Windows 2000

Private report:

CVE-ID:

None

View Developer Edit

[2003-12-10 07:55 UTC] tauras dot paliulis at tauras dot com

Description:
------------
Hi,
I'm trying to connect over COM to standard .net and MS CAPICOM cryptography functions.

if i'm dismissing 20th line, i'm receiving warning "(null)(): Invoke() failed: The parameter is incorrect".

Then I tried to insert VARIANT with different types and receiving the same warning. But when I did VT_VARIANT, then Apache/2.0.47 restarted and log shows an error "[notice] Parent: child process exited with status 3221225477 -- Restarting."

When the same script was run on IIS/5 I received new warning "(null)(): Invoke() failed: No such interface supported in ..." on 19th line, while apache did understand this. Also other warning were as in apache.
When I tried to define value VARIANT as VT_VARIANT, I received warning "Warning: VT_VARIANT is invalid. Use VT_VARIANT|VT_BYREF instead. in c:\inetpub\wwwroot\crypt.php on line 50
PHP has encountered an Access Violation at 01914F48"

What's a matter?

BR,
Tauras

Reproduce code:
---------------
1:$store = new COM("capicom.Store");
2:$csp = new COM("System.Security.Cryptography.CspParameters");
3:$rsa = new COM("System.Security.Cryptography.RSACryptoServiceProvider");
4:$pkcs1 = new COM("System.Security.Cryptography.RSAPKCS1SignatureFormatter");
5:$tobyte = new COM("System.Text.ASCIIEncoding");

6:$store->Open($storelocation, $storename, 0);
7:for ($i=1; $i<=$store->Certificates->Count; $i++) {
8:	$cert = $store->Certificates->Item($i);
9:	if ($cert->HasPrivateKey() && $cert->SubjectName == $signername && $cert->IssuerName == $issuername && $cert->ValidFromDate<=time() && $cert->ValidToDate>=time()) {
10:		$certfound = true;
11:		break;}}
12:if (!isset($certfound)) return false;

13:$csp->ProviderType = $cert->PrivateKey->ProviderType;
14:$csp->ProviderName = $cert->PrivateKey->ProviderName;
15:$csp->KeyContainerName = $cert->PrivateKey->ContainerName;
16:$csp->Flags = 1;

17:$rsa->PersistKeyInCsp = true;
18:$pkcs1->SetHashAlgorithm("SHA1");
19:$pkcs1->SetKey($rsa);

20:$varstr = new VARIANT ($unsignedstring, VT_VARIANT);
21:$counter=$tobyte->GetBytes($varstr);

22:$signed = $pkcs1->CreateSignature($counter);

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-12-10 07:58 UTC] tauras dot paliulis at tauras dot com

Little explanation: if i'm dismissing 20th line, i'm receiving warning "(null)(): Invoke()
failed: The parameter is incorrect" to lines 21 and 22

[2003-12-10 08:22 UTC] wez@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip

We're not supporting COM under PHP 4 any longer (unless sponsored to do so).
However, COM support has been rewritten in PHP 5 and should give you much better results.
If you are able to, we encourage you to try a PHP 5 snapshot.

[2003-12-10 08:29 UTC] tauras dot paliulis at tauras dot com

I just wanted to know if this error is PHP related or not.
I cannot use PHP5 because it is running on live system.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon Jun 30 23:01:35 2025 UTC