From: hostmaster at uuism dot net
Operating system: Fedora Core 4
PHP version: 5.2CVS-2008-11-03 (snap)
PHP Bug Type: OpenSSL related
Bug description: System Crash when running test script
ext/openssl/tests/004.php
Description:
------------
When I run test script ext/openssl/tests/004.php, I get a Core Dump when
it executes this part of the code:

//this leaks
$a = array(1,2);
$b = array(1,2);
var_dump(openssl_csr_new($a, $b));

Here is a back-trace from gdb:

#0 0x004c48a5 in memcpy () from /lib/libc.so.6
#1 0x083ebdcd in ASN1_STRING_set ()
#2 0x0057dff4 in ?? () from /lib/libc.so.6
#3 0x0057f880 in ?? () from /lib/libc.so.6
#4 0x00000000 in ?? ()

I ran configure with this string:
./configure --build=i386-redhat-linux --host=i386-redhat-linux
--target=i386-redhat-linux-gnu --program-prefix= --prefix=/usr
--exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc
--datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib
--libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com
--mandir=/usr/share/man --infodir=/usr/share/info
--cache-file=../config.cache --with-libdir=lib --with-config-file-path=/etc
--with-config-file-scan-dir=/etc/php.d --enable-debug --with-pic
--disable-rpath --with-bz2 --with-curl --with-exec-dir=/usr/bin
--with-freetype-dir=/usr --with-png-dir=/usr --enable-gd-native-ttf
--without-gdbm --with-gettext --with-gmp --with-iconv --with-jpeg-dir=/usr
--with-openssl --with-pspell
--with-pcre-regex=/usr/local --with-zlib --with-layout=GNU --enable-exif
--enable-ftp --enable-magic-quotes --enable-sockets --enable-sysvsem
--enable-sysvshm --enable-sysvmsg
--enable-wddx --with-pear=/usr/share/pear --with-kerberos
--enable-ucd-snmp-hack --with-unixODBC=shared,/usr
--enable-shmop --enable-calendar
--with-mime-magic=/etc/httpd/conf/magic --without-sqlite
--with-libxml-dir=/usr/local --enable-force-cgi-redirect --enable-pcntl
--with-imap=shared --with-imap-ssl --enable-mbstring=shared
--enable-mbregex --with-ncurses=shared --with-gd=shared
--enable-bcmath=shared --enable-dba=shared --with-db4=/usr
--with-xmlrpc=shared --with-ldap=shared --with-mysql=shared,/usr
--with-mysqli=shared,/usr/bin/mysql_config --enable-dom=shared
--with-pgsql=shared --with-snmp=shared,/usr --enable-soap=shared
--with-xsl=shared,/usr --enable-fastcgi --with-pcre-dir=/usr/local
--enable-xmlreader=shared --with-mcrypt --with-mhash
--with-config-file-path=/etc/php-testing
--with-config-file-scan-dir=/etc/php-testing/php.d
Here is how I ran the test:
# TEST_PHP_EXECUTABLE=sapi/cli/php sapi/cli/php ./run-tests.php
ext/openssl/tests/004.phpt
=====================================================================
PHP : sapi/cli/php
PHP_SAPI : cli
PHP_VERSION : 5.2.7RC3-dev
ZEND_VERSION: 2.2.0
PHP_OS : Linux - Linux host.uuserver.net 2.6.20.1 #16 SMP Thu Nov 8
14:19:44 EST 2007 i686
INI actual : /etc/php-testing/php.ini
More .INIs :
/etc/php-testing/php.d/mbstring.ini,/etc/php-testing/php.d/mysql.ini,/etc/php-testing/php.d/mysqli.ini,/etc/php-testing/php.d/soap.ini,/etc/php-testing/php.d/xmlrpc.ini
CWD : /usr/local/src/php5.2-200811022130
Extra dirs :
VALGRIND : Not used
=====================================================================
Running selected tests.
FAIL openssl_csr_new() tests [ext/openssl/tests/004.phpt]
=====================================================================
Number of tests : 1 1
Tests skipped : 0 ( 0.0%) --------
Tests warned : 0 ( 0.0%) ( 0.0%)
Tests failed : 1 (100.0%) (100.0%)
Expected fail : 0 ( 0.0%) ( 0.0%)
Tests passed : 0 ( 0.0%) ( 0.0%)
---------------------------------------------------------------------
Time taken : 1 seconds
=====================================================================
=====================================================================
FAILED TEST SUMMARY
---------------------------------------------------------------------
openssl_csr_new() tests [ext/openssl/tests/004.phpt]
=====================================================================
My openssl version is OpenSSL 0.9.8h 28 May 2008
The binary is installed at /usr/local/bin/openssl, the include directory
is /usr/local/include/openssl and the configuration directory is
/usr/local/openssl.
Jim
Reproduce code:
---------------
<?php
$a = 1;
var_dump(openssl_csr_new(1,$a));
var_dump(openssl_csr_new(1,$a,1,1));
$a = array();
var_dump(openssl_csr_new(array(), $a, array(), array()));
//this leaks
$a = array(1,2);
$b = array(1,2);
var_dump(openssl_csr_new($a, $b));
echo "Done\n";
?>
Expected result:
----------------
Warning: openssl_csr_new() expects parameter 1 to be array, integer given
in %s on line %d
NULL
Warning: openssl_csr_new() expects parameter 1 to be array, integer given
in %s on line %d
NULL
Warning: openssl_csr_new(): key array must be of the form array(0 => key,
1 => phrase) in %s on line %d
Warning: openssl_csr_new(): add1_attr_by_txt challengePassword_min -> 4
(failed) in %s on line %d
bool(false)
resource(%d) of type (OpenSSL X.509 CSR)
Done
Actual result:
--------------
Warning: openssl_csr_new() expects parameter 1 to be array, integer given
in /usr/local/src/php5.2-200811022130/ext/openssl/tests/004.php on line 4
NULL
Warning: openssl_csr_new() expects parameter 1 to be array, integer given
in /usr/local/src/php5.2-200811022130/ext/openssl/tests/004.php on line 5
NULL
Warning: openssl_csr_new(): key array must be of the form array(0 => key,
1 => phrase) in
/usr/local/src/php5.2-200811022130/ext/openssl/tests/004.php on line 7
Segmentation fault (core dumped)
--
Edit bug report at http://bugs.php.net/?id=46468&edit=1