php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #69556 openssl_verify() dumps core when curl.so is loaded before openssl.so
Submitted: 2015-04-30 21:43 UTC Modified: 2021-04-06 12:51 UTC
From: rk at redb dot cz Assigned: cmb (profile)
Status: Closed Package: OpenSSL related
PHP Version: 5.6.8 OS: FreeBSD
Private report: No CVE-ID: None
 [2015-04-30 21:43 UTC] rk at redb dot cz
Description:
------------
When openssl.so is loaded before curl.so, everything is working as expected. Reversed order causes Abort (core dumped).

PHP 5.5.24 gives Warnings (no core dumped):
PHP Warning:  openssl_verify(): Don't know how to get public key from this private key in ...
PHP Warning:  openssl_verify(): supplied key param cannot be coerced into a public key in ...

PHP 5.5.22 works fine.

Test script:
---------------
https://gist.github.com/xert/6da7736f4f7e5ff22177

Expected result:
----------------
int(0)

Actual result:
--------------
Assertion failed: (pkey->pkey.rsa != NULL), function php_openssl_is_private_key, file /wrkdirs/usr/ports/security/php56-openssl/work/php-5.6.8/ext/openssl/openssl.c, line 3447.
Abort (core dumped)

Backtrace:

#0  0x0000000801e2664c in thr_kill () from /lib/libc.so.7
#1  0x0000000801ecac4b in abort () from /lib/libc.so.7
#2  0x0000000801eae315 in __assert () from /lib/libc.so.7
#3  0x00000008044060ad in zif_openssl_csr_get_public_key () from /usr/local/lib/php/20131226-debug/openssl.so
#4  0x000000080440583c in zif_openssl_csr_get_public_key () from /usr/local/lib/php/20131226-debug/openssl.so
#5  0x000000080440b0ce in zif_openssl_verify () from /usr/local/lib/php/20131226-debug/openssl.so
#6  0x000000000069253b in zend_do_fcall_common_helper_SPEC (execute_data=0x802440260) at zend_vm_execute.h:558
#7  0x0000000000698592 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x802440260)
    at zend_vm_execute.h:2599
#8  0x0000000000691af4 in execute_ex (execute_data=0x802440260) at zend_vm_execute.h:363
#9  0x0000000000691b73 in zend_execute (op_array=0x802474b18) at zend_vm_execute.h:388
#10 0x0000000000652e46 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /wrkdirs/usr/ports/lang/php56/work/php-5.6.8/Zend/zend.c:1341
#11 0x00000000005c63df in php_execute_script (primary_file=0x7fffffffe480)
    at /wrkdirs/usr/ports/lang/php56/work/php-5.6.8/main/main.c:2597
#12 0x00000000006fdb7e in do_cli (argc=2, argv=0x7fffffffebe0)
    at /wrkdirs/usr/ports/lang/php56/work/php-5.6.8/sapi/cli/php_cli.c:994
#13 0x00000000006feadd in main (argc=2, argv=0x7fffffffebe0)
    at /wrkdirs/usr/ports/lang/php56/work/php-5.6.8/sapi/cli/php_cli.c:1378

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-04-06 10:51 UTC] cmb@php.net
-Status: Open +Status: Feedback -Assigned To: +Assigned To: cmb
 [2021-04-06 10:51 UTC] cmb@php.net
Does that still happen to you with any of the actively supported
PHP versions[1]?

[1] <https://www.php.net/supported-versions.php>
 [2021-04-06 12:48 UTC] rk at redb dot cz
-Status: Feedback +Status: Assigned
 [2021-04-06 12:48 UTC] rk at redb dot cz
It's working fine on 7.4.16 and 8.0.3
 [2021-04-06 12:51 UTC] cmb@php.net
-Status: Assigned +Status: Closed
 [2021-04-06 12:51 UTC] cmb@php.net
Great, so this ticket can be closed.

Thanks for the swift reply!
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 20:01:28 2024 UTC