php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74402 segfault on random_bytes, bin2hex, openssl_seal
Submitted: 2017-04-10 10:19 UTC Modified: 2017-04-10 10:53 UTC
From: hboomsma at hostnet dot nl Assigned:
Status: Closed Package: Reproducible crash
PHP Version: 7.1.3 OS: Linux
Private report: No CVE-ID: None
 [2017-04-10 10:19 UTC] hboomsma at hostnet dot nl
Description:
------------
When using the output of bin2hex(random_bytes) in a openssl_seal, segaults starts occurring.

We got around this problem in our source by prepending an 'A' to the random bytes before calling bin2hex on them.

Crashed on all versions supporting random_bytes:
https://3v4l.org/lrLgW


Test script:
---------------
<?php
define(
    'KEY',
    <<<'KEY'
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvjCLfpS0MyilIjR+IsH
HPH8TqFUCw4kTAVmTy9SDZV9hHYY2EPgrlTd7gvMP/DWipvBD6Y5w2bPdAQoXr5D
qEKAGkE+1El4hS8XyuOdYXSYTDH1HPSlFiGdgsnlkFcbh/fJyzIKBaGLnWxsjhiS
deiI7KuEkI9zt+X2r4KqFt/dhnXz0kcB1M7qyhQ6Rvijgjy/A1LsN4ZAREFLCEjb
1AP9nk0QAUHWcG5MvbgsE20Pn4R5wFsMFBTvNmb34jHFREgR9j4DYcV5FFR3tKb8
3XtjE9/kjfK29BSpiyXZs8PSqDhO00vh6txUB4VfkVUD2Bi93rxDeyALnCW7My+l
YwIDAQAB
-----END PUBLIC KEY-----
KEY
);

$bytes = random_bytes(32);
$iv    = '';

for ($i = 0; $i < 100; $i++) {
    openssl_seal(bin2hex($bytes), $sealed_data, $env_keys, [KEY], 'AES256', $iv);
    \ob_end_clean();
}

Expected result:
----------------
no output and no crash

Actual result:
--------------
Notice: P ��� in /in/lrLgW on line 22

Process exited with code 139.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-04-10 10:49 UTC] krakjoe@php.net
This causes an invalid write on openssl.c:5900 (buf[len1 + len2] = '\0';), possibly because data_len is -1, possibly a mistake from upgrade to ng ...

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 556e377081..79884e26c6 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -5833,6 +5833,8 @@ PHP_FUNCTION(openssl_seal)
                RETURN_FALSE;
        }
 
+       data_len++;
+
        PHP_OPENSSL_CHECK_SIZE_T_TO_INT(data_len, data);
 
        if (method) {

Possibly ... but we should wait for someone with more of a clue, I'm scared of openssl ...
 [2017-04-10 10:53 UTC] krakjoe@php.net
Possibly:

!EVP_SealUpdate(ctx, buf, &len1, (unsigned char *)data, (int)data_len)

should be data_len - 1 if the above patch is applied ...

I'm scared ...
 [2017-04-10 11:04 UTC] laruence@php.net
Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=42e576ace20355418bdc11226ac045cea4737391
Log: Fixed bug #74402 (segfault on random_bytes, bin2hex, openssl_seal)
 [2017-04-10 11:04 UTC] laruence@php.net
-Status: Open +Status: Closed
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Nov 28 17:01:27 2024 UTC