PHP :: Bug #69004 :: openssl_pkcs12_export_to

Bug #69004	openssl_pkcs12_export_to_file segfault
Submitted:	2015-02-07 09:32 UTC	Modified:	2021-07-07 09:23 UTC
From:	gmblar+php at gmail dot com	Assigned:	cmb (profile)
Status:	Closed	Package:	OpenSSL related
PHP Version:	5.6.5	OS:	MacOSX 10.10.2
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	gmblar+php at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2015-02-07 09:32 UTC] gmblar+php at gmail dot com

Description:
------------
openssl_pkcs12_export_to_file crash with "Segmentation fault: 11"


Code works without segfault if:

* remove the line "$privateKey = new PrivateKey($privateKey);"
* var_dump something after openssl_pkcs12_export_to_file


Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x000000012b86af59
0x00000001001f0c25 in gc_zval_possible_root ()
(gdb) bt
#0  0x00000001001f0c25 in gc_zval_possible_root ()
#1  0x00000001001e2046 in zend_hash_bucket_delete ()
#2  0x00000001001e20ac in zend_hash_graceful_reverse_destroy ()
#3  0x00000001001c8027 in shutdown_executor ()
#4  0x00000001001d6227 in zend_deactivate ()
#5  0x000000010017d045 in php_request_shutdown ()
#6  0x000000010025f7d7 in do_cli ()
#7  0x000000010025e354 in main ()

Test script:
---------------
<?php

class PrivateKey {

    public $data;

    public function __construct($data) {
        $this->data = $data;
    }

    public function __toString() {
        openssl_pkey_export($this->data, $output);
        return $output;
    }

}

$csr = openssl_csr_new([], $privateKey);
$certificate = openssl_csr_sign($csr, NULL, $privateKey, 1);

$privateKey = new PrivateKey($privateKey);
openssl_pkcs12_export_to_file($certificate, '/tmp/test.p12', $privateKey, '');

# var_dump('bar');

Expected result:
----------------
Nothing

Actual result:
--------------
Segmentation fault: 11

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2015-02-07 09:44 UTC] gmblar+php at gmail dot com

Same with PHP 5.6.5-1~dotdeb.1 on debian 7.6

Stacktrace:

Program received signal SIGSEGV, Segmentation fault.
0x00000000006fa489 in gc_zval_possible_root ()
(gdb) bt
#0  0x00000000006fa489 in gc_zval_possible_root ()
#1  0x00000000006e7316 in ?? ()
#2  0x00000000006e8a38 in zend_hash_graceful_reverse_destroy ()
#3  0x00000000006ca0d6 in ?? ()
#4  0x00000000006da735 in zend_deactivate ()
#5  0x0000000000676553 in php_request_shutdown ()
#6  0x000000000077f948 in ?? ()
#7  0x0000000000433b7f in ?? ()
#8  0x00007ffff503eeed in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
#9  0x0000000000433c15 in _start ()

[2021-07-07 08:48 UTC] cmb@php.net

I cannot reproduce this with PHP-7.4.  Is this still an issue for
you with any of the actively maintained PHP versions[1]?

[1] <https://www.php.net/supported-versions.php>

[2021-07-07 08:48 UTC] cmb@php.net

-Status: Open +Status: Feedback -Assigned To: +Assigned To: cmb

[2021-07-07 09:20 UTC] gmblar+php at gmail dot com

Works for me in PHP 8.0.7

[2021-07-07 09:23 UTC] cmb@php.net

-Status: Feedback +Status: Closed

[2021-07-07 09:23 UTC] cmb@php.net

Thanks for the swift reply!  Closing then.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 19 01:01:28 2024 UTC