php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #26580 PHP and/or Apache/IIS crashes on trying to submit data
Submitted: 2003-12-10 07:55 UTC Modified: 2003-12-10 09:07 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: tauras dot paliulis at tauras dot com Assigned:
Status: Wont fix Package: COM related
PHP Version: 4.3.4 OS: Windows 2000
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: tauras dot paliulis at tauras dot com
New email:
PHP Version: OS:

 

 [2003-12-10 07:55 UTC] tauras dot paliulis at tauras dot com
Description:
------------
Hi,
I'm trying to connect over COM to standard .net and MS CAPICOM cryptography functions.

if i'm dismissing 20th line, i'm receiving warning "(null)(): Invoke() failed: The parameter is incorrect".

Then I tried to insert VARIANT with different types and receiving the same warning. But when I did VT_VARIANT, then Apache/2.0.47 restarted and log shows an error "[notice] Parent: child process exited with status 3221225477 -- Restarting."

When the same script was run on IIS/5 I received new warning "(null)(): Invoke() failed: No such interface supported in ..." on 19th line, while apache did understand this. Also other warning were as in apache.
When I tried to define value VARIANT as VT_VARIANT, I received warning "Warning: VT_VARIANT is invalid. Use VT_VARIANT|VT_BYREF instead. in c:\inetpub\wwwroot\crypt.php on line 50
PHP has encountered an Access Violation at 01914F48"

What's a matter?

BR,
Tauras

Reproduce code:
---------------
1:$store = new COM("capicom.Store");
2:$csp = new COM("System.Security.Cryptography.CspParameters");
3:$rsa = new COM("System.Security.Cryptography.RSACryptoServiceProvider");
4:$pkcs1 = new COM("System.Security.Cryptography.RSAPKCS1SignatureFormatter");
5:$tobyte = new COM("System.Text.ASCIIEncoding");

6:$store->Open($storelocation, $storename, 0);
7:for ($i=1; $i<=$store->Certificates->Count; $i++) {
8:	$cert = $store->Certificates->Item($i);
9:	if ($cert->HasPrivateKey() && $cert->SubjectName == $signername && $cert->IssuerName == $issuername && $cert->ValidFromDate<=time() && $cert->ValidToDate>=time()) {
10:		$certfound = true;
11:		break;}}
12:if (!isset($certfound)) return false;

13:$csp->ProviderType = $cert->PrivateKey->ProviderType;
14:$csp->ProviderName = $cert->PrivateKey->ProviderName;
15:$csp->KeyContainerName = $cert->PrivateKey->ContainerName;
16:$csp->Flags = 1;

17:$rsa->PersistKeyInCsp = true;
18:$pkcs1->SetHashAlgorithm("SHA1");
19:$pkcs1->SetKey($rsa);

20:$varstr = new VARIANT ($unsignedstring, VT_VARIANT);
21:$counter=$tobyte->GetBytes($varstr);

22:$signed = $pkcs1->CreateSignature($counter);


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-12-10 07:58 UTC] tauras dot paliulis at tauras dot com
Little explanation: if i'm dismissing 20th line, i'm receiving warning "(null)(): Invoke()
failed: The parameter is incorrect" to lines 21 and 22
 [2003-12-10 08:22 UTC] wez@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip

We're not supporting COM under PHP 4 any longer (unless sponsored to do so).
However, COM support has been rewritten in PHP 5 and should give you much better results.
If you are able to, we encourage you to try a PHP 5 snapshot.
 [2003-12-10 08:29 UTC] tauras dot paliulis at tauras dot com
I just wanted to know if this error is PHP related or not.
I cannot use PHP5 because it is running on live system.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Nov 12 14:01:28 2024 UTC