PHP :: Bug #46582 :: curl enabled PHP segfaulting with OpenSSL

Bug #46582	curl enabled PHP segfaulting with OpenSSL
Submitted:	2008-11-16 02:00 UTC	Modified:	2008-11-17 23:13 UTC
From:	philip@php.net	Assigned:
Status:	Not a bug	Package:	cURL related
PHP Version:	5CVS, 6CVS (2008-11-17)	OS:	*
Private report:	No	CVE-ID:	None

View Developer Edit

[2008-11-16 02:00 UTC] philip@php.net

Description:
------------
This segfault only exists when PHP is compiled with Curl support. However, Curl is not being called when generating the segfault. Also, this happens only when libcurl has OpenSSL support but no segfault exists with GnuTLS support.

The following bug is heavily related:

  http://bugs.php.net/bug.php?id=40926

But it's labeled as pgsql centric, so this is an attempt to make this a known Curl + OpenSSL bug. Please feel free to relabel these bugs where they belong.

The configure line is:

./configure --enable-debug --with-curl --with-apxs2=/usr/bin/apxs2 --prefix=/home/user/php

Curl information:

cURL Information => libcurl/7.18.0 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.1

And for good measure, when Curl is compiled against the following there is no segfault:

cURL Information => libcurl/7.18.0 GnuTLS/2.0.4 zlib/1.2.3.3 libidn/1.1

Reproduce code:
---------------
The exact code, in this case, is a simple svn call:

<?php
$url = 'http://phpminadmin.svn.sourceforge.net/svnroot/phpminadmin/trunk/index.php';

$blame = svn_blame($url);

print_r($blame);


Expected result:
----------------
No segfault

Actual result:
--------------
The code "works", but the core is dumped with the following backtrace:

(gdb) bt
#0  0xb73f7fb0 in ?? ()
#1  0xb7c6e1bd in ?? () from /usr/lib/i686/cmov/libcrypto.so.0.9.8
#2  0xb7c6f98a in ERR_free_strings () from /usr/lib/i686/cmov/libcrypto.so.0.9.8
#3  0xb7e8c487 in ?? () from /usr/lib/libcurl.so.4
#4  0xb7ea00a0 in ?? () from /usr/lib/libcurl.so.4
#5  0xb7e95733 in curl_global_cleanup () from /usr/lib/libcurl.so.4
#6  0x08085c2b in zm_shutdown_curl (type=1, module_number=23) at /home/user/php/php-5.3.0alpha2/ext/curl/interface.c:687
#7  0x082c1f4e in module_destructor (module=0x860cfb8) at /home/user/php/php-5.3.0alpha2/Zend/zend_API.c:2073
#8  0x082c93b8 in zend_hash_apply_deleter (ht=0x1, p=0x860cf88) at /home/user/php/php-5.3.0alpha2/Zend/zend_hash.c:611
#9  0x082c95f8 in zend_hash_graceful_reverse_destroy (ht=0x85d1be0) at /home/user/php/php-5.3.0alpha2/Zend/zend_hash.c:646
#10 0x082be87e in zend_shutdown () at /home/user/php/php-5.3.0alpha2/Zend/zend.c:768
#11 0x0826cddf in php_module_shutdown () at /home/user/php/php-5.3.0alpha2/main/main.c:1955
#12 0x0834561e in main (argc=2, argv=0xbfc859e4) at /home/user/php/php-5.3.0alpha2/sapi/cli/php_cli.c:1325

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-11-17 23:13 UTC] iliaa@php.net

Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions.  Due to the volume
of reports we can not explain in detail here why your report is not
a bug.  The support channels will be able to provide an explanation
for you.

Thank you for your interest in PHP.

From the backtrace this appears to be an openssl lib bug not a PHP one.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri May 09 16:01:27 2025 UTC