php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #69556 openssl_verify() dumps core when curl.so is loaded before openssl.so
Submitted: 2015-04-30 21:43 UTC Modified: -
From: rk at redb dot cz Assigned:
Status: Open Package: OpenSSL related
PHP Version: 5.6.8 OS: FreeBSD
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2015-04-30 21:43 UTC] rk at redb dot cz
Description:
------------
When openssl.so is loaded before curl.so, everything is working as expected. Reversed order causes Abort (core dumped).

PHP 5.5.24 gives Warnings (no core dumped):
PHP Warning:  openssl_verify(): Don't know how to get public key from this private key in ...
PHP Warning:  openssl_verify(): supplied key param cannot be coerced into a public key in ...

PHP 5.5.22 works fine.

Test script:
---------------
https://gist.github.com/xert/6da7736f4f7e5ff22177

Expected result:
----------------
int(0)

Actual result:
--------------
Assertion failed: (pkey->pkey.rsa != NULL), function php_openssl_is_private_key, file /wrkdirs/usr/ports/security/php56-openssl/work/php-5.6.8/ext/openssl/openssl.c, line 3447.
Abort (core dumped)

Backtrace:

#0  0x0000000801e2664c in thr_kill () from /lib/libc.so.7
#1  0x0000000801ecac4b in abort () from /lib/libc.so.7
#2  0x0000000801eae315 in __assert () from /lib/libc.so.7
#3  0x00000008044060ad in zif_openssl_csr_get_public_key () from /usr/local/lib/php/20131226-debug/openssl.so
#4  0x000000080440583c in zif_openssl_csr_get_public_key () from /usr/local/lib/php/20131226-debug/openssl.so
#5  0x000000080440b0ce in zif_openssl_verify () from /usr/local/lib/php/20131226-debug/openssl.so
#6  0x000000000069253b in zend_do_fcall_common_helper_SPEC (execute_data=0x802440260) at zend_vm_execute.h:558
#7  0x0000000000698592 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x802440260)
    at zend_vm_execute.h:2599
#8  0x0000000000691af4 in execute_ex (execute_data=0x802440260) at zend_vm_execute.h:363
#9  0x0000000000691b73 in zend_execute (op_array=0x802474b18) at zend_vm_execute.h:388
#10 0x0000000000652e46 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /wrkdirs/usr/ports/lang/php56/work/php-5.6.8/Zend/zend.c:1341
#11 0x00000000005c63df in php_execute_script (primary_file=0x7fffffffe480)
    at /wrkdirs/usr/ports/lang/php56/work/php-5.6.8/main/main.c:2597
#12 0x00000000006fdb7e in do_cli (argc=2, argv=0x7fffffffebe0)
    at /wrkdirs/usr/ports/lang/php56/work/php-5.6.8/sapi/cli/php_cli.c:994
#13 0x00000000006feadd in main (argc=2, argv=0x7fffffffebe0)
    at /wrkdirs/usr/ports/lang/php56/work/php-5.6.8/sapi/cli/php_cli.c:1378

Patches

Add a Patch

Pull Requests

Add a Pull Request

 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Wed May 22 21:01:36 2019 UTC