|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #29418 OpenSSL mysteriously makes PHP segfault
Submitted: 2004-07-28 05:26 UTC Modified: 2004-10-26 11:32 UTC
From: sartre at gmail dot com Assigned:
Status: Closed Package: OpenSSL related
PHP Version: 4.3.8 OS: Linux (Slackware 10.0)
Private report: No CVE-ID:
 [2004-07-28 05:26 UTC] sartre at gmail dot com
(using PHP 4.3.8 as the standalone executable, OpenSSL 0.9.7d)

I was writing a regression script for testing my script but when signing a certificate with a CA I stumbled upon an unending delay (self-signed first and then signed against the generated CA in the same script).

The PHP executable (I am not running apache) does not always reproduce the segfault.

The *error* (forced in the script):
The client uses the same private key as the CA.

PS: It's my first time using OpenSSL in PHP, and I do not understand most of it, but I didn't expect to get a segfault.

Reproduce code:
$key = openssl_pkey_new ();
$csr = openssl_csr_new ($dn, $key);
openssl_csr_export ($csr, $csr_exported);
$csr_signed = openssl_csr_sign ($csr, NULL, $key, 365);
openssl_x509_export ($csr_signed, $x509_exported);
openssl_pkey_export ($key, $key_exported, '');
$key_public = openssl_pkey_get_public ($x509_exported);
$struct = openssl_x509_parse ($x509_exported);
// set $dn to other value
$cert_ca = openssl_x509_read ($x509_exported);
$cert_cakey = openssl_pkey_get_private ($cert_client);
$client_csr = openssl_csr_new ($dn, $cert_cakey);
openssl_csr_export ($client_csr, $client_csr_exported);
// here!
openssl_csr_sign ($client_csr, $cert_ca, $cert_cakey, 365);

// (I cannot continue)

Expected result:

Actual result:
#0  0x40536bff in mallopt () from /lib/
#1  0x40535a2f in free () from /lib/
#2  0x08189e7d in shutdown_memory_manager ()
#3  0x0816e470 in php_request_shutdown ()
#4  0x081a82c0 in main ()

(I expected to see any SSL function called)


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2004-07-29 05:45 UTC]
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.
 [2004-07-29 06:03 UTC] sartre at gmail dot com
There's a backtrace in the 'actual result' field..

Mysteriously it did not contain *any* zend routine.

Whether this may or may not be a scripting bug, I (nor would any of we) didn't expect PHP to segfault (that's why I posted that).

 [2004-07-29 08:16 UTC]
Read the instructions *carefully* on how to produce a useful backtrace with debugging information.
 [2004-08-13 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2004-10-26 11:35 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

Thanks to Kamesh Jayachandran and Netware.
PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Fri Oct 09 20:01:33 2015 UTC