|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #76542 Memory leak during verify_peer_name validation of a SAN SSL certificate
Submitted: 2018-06-28 22:20 UTC Modified: 2019-06-27 08:49 UTC
Avg. Score:4.8 ± 0.4
Reproduced:5 of 5 (100.0%)
Same Version:1 (20.0%)
Same OS:1 (20.0%)
From: php at lvl dot fastmail dot com Assigned: nikic (profile)
Status: Closed Package: OpenSSL related
PHP Version: 7.2.7 OS: Ubuntu 18.04
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
40 - 36 = ?
Subscribe to this entry?

 [2018-06-28 22:20 UTC] php at lvl dot fastmail dot com
Originally discovered here: Verified with version on Ubuntu 18.04, libssl 1.1.0g.

There's a memory leak in PHP's validation of SSL certificates when that SSL certificate contains SAN entries. Since nearly every real world SSL certificate uses SAN, this means every long-running PHP script that acts as a HTTPS client will eventually run out of memory.

To reproduce, first create a self-signed certificate with SAN:

openssl req \
    -newkey rsa:2048 \
    -x509 \
    -nodes \
    -keyout server.key \
    -new \
    -out server.crt \
    -subj /CN= \
    -reqexts SAN \
    -extensions SAN \
    -config <(cat /etc/ssl/openssl.cnf \
        <(printf '[SAN]\nsubjectAltName=DNS:,DNS:')) \
    -sha256 \
    -days 3650

Then configure for example nginx to use this certificate:

server {
    listen 443 ssl;
    ssl_certificate /etc/nginx/server.crt;
    ssl_certificate_key /etc/nginx/server.key;
    return 201;

Finally run the test script below and observe using "top" that PHP's memory usage is quickly increasing. Calls to memory_get_usage() will *not* show signs of the leak though.

Running this test with a SSL certificate without the subjectAltName entry will *not* trigger the memory leak.

Add ['verify_peer_name' => false] to the ssl context options and there will *not* be a leak.

Test script:
$options = [
    'ssl' => [
        'verify_peer' => false

while (true) {
    $response = file_get_contents('', false, stream_context_create($options));


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2019-06-27 08:49 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: nikic
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Fri Nov 27 18:01:25 2020 UTC