php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #63491 file_md5 value was wrong when use apc_bin_load function
Submitted: 2012-11-12 08:46 UTC Modified: 2012-12-12 11:04 UTC
From: cfc4n at cnxct dot com Assigned: ab (profile)
Status: Closed Package: APC (PECL)
PHP Version: 5.3.18 OS: ubuntu 12.04
Private report: No CVE-ID: None
 [2012-11-12 08:46 UTC] cfc4n at cnxct dot com
Description:
------------
In apc extension,It can record file md5 hash value to help administrator to file  
info and version confirmation.
But if you use apc_bin_dump(apc_bin_dumpfile) function to dump a binfile, And lode 
this binfile to php. Now get one file of them md5 hash with apc.php ,you'll see, 
They md5 hash was wrong...

Test script:
---------------
No test script.

Expected result:
----------------
I gave a patch on https://github.com/cfc4n/cnxct/blob/master/apc_bin_filemd5.patch 
, I hope it can fix this bugs.


Patches

apc_bin_filemd5.patch (last revision 2012-11-12 08:46 UTC by cfc4n at cnxct dot com)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-11-28 11:27 UTC] ab@php.net
Could you please give a piece of PHP code to reproduce this?
 [2012-11-28 12:56 UTC] cfc4n at cnxct dot com
I'll dump test.php to a bin file  with apc . And see md5 hash in result whit 
dump.php .

But, It was a wrong md5 value of test.php in apc share memory when I load that 
bin file. 

(test.php was a example php file with any rightful codes...)
All version of apc.
apc.file_md5=1
/*
**  dump.php
**  dump a bin file named apc.bin
*/
$dir = dirname(__FILE__);
apc_compile_file($dir.'/test.php');
apc_bin_dumpfile(array($dir.'/test.php'), array(), 'apc.bin');
var_dump(apc_cache_info());

/*

...

["cache_list"]=>
  array(2) {
    [0]=>
    array(12) {
      ["type"]=>
      string(4) "file"
      ["device"]=>
      int(0)
      ["inode"]=>
      int(0)
      ["filename"]=>
      string(17) "/home/cfc4n/test.php"
      ["md5"]=>
      string(32) "f33c672d79452462266841d1a68406a2"
      ["num_hits"]=>
      float(0)
      ["mtime"]=>
      int(1354085879)
      ["creation_time"]=>
      int(1354085879)
      ["deletion_time"]=>
      int(0)
      ["access_time"]=>
      int(1354085879)
      ["ref_count"]=>
      int(0)
      ["mem_size"]=>
      int(11600)
    }
    ...
  }

...

*/
 [2012-11-28 12:57 UTC] cfc4n at cnxct dot com
and load.php  (sorry,I lose this file )
/*
**  load.php
**  load bin apc.bin file
*/

apc_bin_loadfile('apc.bin');
var_dump( apc_cache_info());

/*

...

["cache_list"]=>
  array(2) {
    [0]=>
    array(12) {
      ["type"]=>
      string(4) "file"
      ["device"]=>
      int(0)
      ["inode"]=>
      int(0)
      ["filename"]=>
      string(17) "/home/cfc4n/test.php"
      ["md5"]=>
      string(32) "00000000000000000000000000000040"
      ["num_hits"]=>
      float(0)
      ["mtime"]=>
      int(1354085879)
      ["creation_time"]=>
      int(1354085879)
      ["deletion_time"]=>
      int(0)
      ["access_time"]=>
      int(1354085879)
      ["ref_count"]=>
      int(0)
      ["mem_size"]=>
      int(11600)
    }
    ...
  }

...

*/
 [2012-12-12 07:58 UTC] ab@php.net
Automatic comment from SVN on behalf of ab
Revision: http://svn.php.net/viewvc/?view=revision&revision=328743
Log: Fixed bug #63491 file_md5 value was wrong when use apc_bin_load function

The basic idea behind this is - original file md5 isn't dumped, as result
loading that dump the key->md5 is filled with the garbage (which could
look like a wrong md5 sum) as we don't read the file again with
cached_compile. What i did:

- zero the original file md5 on key creation
- write the file md5 into the bin dump when apc_bin_dumpfile()'ing
- restore the md5 field when loading the dump with apc_dump_loadfile()

However we only calculate the md5 sum if apc.file_md5=1, so otherwise
files with the preloaded dump will have just zeros.
 [2012-12-12 07:59 UTC] ab@php.net
Your patch was segfaulting for me right on the first call. Please test this fix 
in the trunk on your env.
 [2012-12-12 08:04 UTC] ab@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: ab
 [2012-12-12 09:40 UTC] cfc4n at cnxct dot com
@ab
Thanks very much.It's works with your patch. And I testd my patch again,It's 
works too.  :(

But I have many question about your patch.Can you help me?

1,Why add the md5 hash char into _apc_bd_entry_t struct ,But It's was a part of 
file,So It many be added in file struct of apc_cache_entry_value_t val.
2,Why use memmove to replace memcpy ? Is it that memmove can replace a non zeros 
memory address ,but memcpy can't ?


I'm a newbie,Please do not laughed at my code.Sorry.   :(

PS: About BUG #63636 ,I'll try it next week ,because I'm very busy now ,sorry.
 [2012-12-12 10:07 UTC] ab@php.net
1. md5 key is stored in here http://lxr.php.net/xref/PECL/APC/apc_cache.h#110 , 
therefore no need to duplicate it for the cache entry struct. The whole 
functionality about checking/showing file md5 refers to the key struct. Also, a 
cache entry might be not of the type file, you could look more onto how the 
storage slots are implemented.
2. memmove operates safer, just google for "memmove vs memcpy"

Generally when testing an APC fix, more stressfulness is needed. For 5.4+ it's 
possible to write tests using the built-in http server.
 [2012-12-12 11:04 UTC] cfc4n at cnxct dot com
yeah,You are right,thanks. I'll read it be careful. and I learned a lot of 
knowledge from these bugs,from apc, and from you.thanks again.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Tue Sep 17 08:01:27 2019 UTC