php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #67512 php_crypt() crashes if crypt_r() does not exist or _REENTRANT is not defined
Submitted: 2014-06-25 12:10 UTC Modified: -
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (100.0%)
From: timo dot teras at iki dot fi Assigned:
Status: Closed Package: *Encryption and hash functions
PHP Version: 5.5.13 OS: Linux
Private report: No CVE-ID:
 [2014-06-25 12:10 UTC] timo dot teras at iki dot fi
Description:
------------
php_crypt() does not contain default implementation, and does not return error. 

It will lead to crashes with backtraces like:
(gdb) where
#0  0x000005f88811a5b1 in zif_crypt (ht=<optimized out>, 
    return_value=0x65963a1f2d20, return_value_ptr=<optimized out>, 
    this_ptr=<optimized out>, return_value_used=<optimized out>)
    at /home/buildozer/aports/main/php/src/php-5.5.13/ext/standard/crypt.c:301
#1  0x000005f8882626a3 in zend_do_fcall_common_helper_SPEC (
    execute_data=0x659641284268)
    at /home/buildozer/aports/main/php/src/php-5.5.13/Zend/zend_vm_execute.h:550
#2  0x000005f8882010e0 in execute_ex (execute_data=0x659641284268)
    at /home/buildozer/aports/main/php/src/php-5.5.13/Zend/zend_vm_execute.h:363
#3  0x000005f8881cf537 in zend_call_function (fci=fci@entry=0x70801634cad0, 
    fci_cache=<optimized out>, fci_cache@entry=0x70801634caa8)
    at /home/buildozer/aports/main/php/src/php-5.5.13/Zend/zend_execute_API.c:939
#4  0x000005f888114f2b in zif_call_user_func (ht=<optimized out>, 
    return_value=0x65963a17efb8, return_value_ptr=<optimized out>, 
    this_ptr=<optimized out>, return_value_used=<optimized out>)
    at /home/buildozer/aports/main/php/src/php-5.5.13/ext/standard/basic_functions.c:4781
#5  0x000005f8882626a3 in zend_do_fcall_common_helper_SPEC (
    execute_data=0x6596412804a0)
    at /home/buildozer/aports/main/php/src/php-5.5.13#6  0x000005f8882010e0 in execute_ex (execute_data=0x6596412804a0)
    at /home/buildozer/aports/main/php/src/php-5.5.13/Zend/zend_vm_execute.h:363
#7  0x000005f8881db6eb in zend_execute_scripts (type=type@entry=8, 
    retval=retval@entry=0x0, file_count=file_count@entry=3)
    at /home/buildozer/aports/main/php/src/php-5.5.13/Zend/zend.c:1316
#8  0x000005f88818a691 in php_execute_script (
    primary_file=primary_file@entry=0x70801634f078)
    at /home/buildozer/aports/main/php/src/php-5.5.13/main/main.c:2506
#9  0x000005f88803e54b in main (argc=1, argv=0x70801634f388)
    at /home/buildozer/aports/main/php/src/php-5.5.13/sapi/cgi/cgi_main.c:2454

glibc builds likely work, because glibc incorrectly defines _REENTRANT for you even if it was not requested.

This bug is reproducible on non-glibc systems. E.g. Alpine Linux 3.0 which is musl based.

Seems also some other distributions have patched this issue. See:
https://build.opensuse.org/package/view_file?file=php-5.3.8-no-reentrant-crypt.patch&package=php5.831&project=openSUSE%3A12.2%3AUpdate&rev=bbcd9103e1bb3fb4a021cee0f42e604a


Patches

php-fix-crypt-v1.patch (last revision 2014-06-25 12:12 UTC) by timo dot teras at iki dot fi)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-03-25 19:23 UTC] nikic@php.net
Automatic comment on behalf of nikic
Revision: http://git.php.net/?p=php-src.git;a=commit;h=54da966883bacf28808e26eeda48fe38e21b118e
Log: Fixed bug #67512
 [2016-03-25 19:23 UTC] nikic@php.net
-Status: Open +Status: Closed
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Thu Jul 20 18:01:35 2017 UTC