On Wed, 23 Jan 2019 at 21:28, Arkadiusz Miśkiewicz <ar...@maven.pl
<mailto:ar...@maven.pl>> wrote:
On 21/12/2018 12:51, glen wrote:
> can you please look?
Did this work with older openssl?
Because this bug is somehow related to
https://bugs.php.net/bug.php?id=61930
Simplified reproducer:
> <?php
>
>
> $url = 'https://repo.packagist.org/packages.json';
>
> function getCertificateFingerprint($certificate)
> {
> $publickey = openssl_get_publickey($certificate);
> $pubkeydetails = openssl_pkey_get_details($publickey);
> }
>
> $options = array();
>
> $defaultParams = array (
> 'options' =>
> array (
> 'ssl' =>
> array (
> 'capture_peer_cert' => true,
> 'verify_peer' => false,
> ),
> ),
> );
>
> $context = stream_context_create($options, $defaultParams);
>
> if (false === $handle = @fopen($url, 'rb', false, $context)) {
> return;
> }
>
> fclose($handle);
> $handle = null;
>
> $params = stream_context_get_params($context);
>
>
getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>
>
> On 12/11/18 12:53 PM, Elan Ruusamäe wrote:
>>
>> $ docker run --privileged --rm -it
registry.gitlab.com/pld-linux/pld
<http://registry.gitlab.com/pld-linux/pld> sh
>>
>> [@42300ff78c63 /]# poldek -u --noask composer gdb
--ignore=*php4*
>> --ignore=*php52*
>>
>> [@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo
>> openssl-debuginfo
>>
>> [@42300ff78c63 /]# cd /tmp
>>
>> [@42300ff78c63 /tmp]# echo '{}' > composer.json
>>
>>
>> [@42300ff78c63 /tmp]# composer install
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Segmentation fault
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls true
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# composer install
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Updating dependencies (including require-dev)
>> Nothing to install or update
>> Generating autoload files
>> [@42300ff78c63 /tmp]#
>>
>> [@236200a329d5 r]# rpm -q php53-common openssl
>> php53-common-5.3.29-43.x86_64
>> openssl-1.1.1a-1.x86_64
>> [@236200a329d5 r]#
>>
>>
>>
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls false
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# gdb --args php /usr/bin/composer install
>> GNU gdb (GDB) 8.2-2 (PLD Linux)
>> Copyright (C) 2018 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later
>> <http://gnu.org/licenses/gpl.html>
>> This is free software: you are free to change and
redistribute it.
>> There is NO WARRANTY, to the extent permitted by law.
>> Type "show copying" and "show warranty" for details.
>> This GDB was configured as "x86_64-pld-linux".
>> Type "show configuration" for configuration details.
>> For bug reporting instructions, please see:
>> <http://www.gnu.org/software/gdb/bugs/>.
>> Find the GDB manual and other documentation resources online
at:
>> <http://www.gnu.org/software/gdb/documentation/>.
>>
>> For help, type "help".
>> Type "apropos word" to search for commands related to "word"...
>> Reading symbols from php...Reading symbols from
>> /usr/lib/debug/usr/bin/php53.debug...done.
>> done.
>> (gdb) r
>> Starting program: /usr/bin/php /usr/bin/composer install
>> [Thread debugging using libthread_db enabled]
>> Using host libthread_db library "/lib64/libthread_db.so.1".
>> [Detaching after fork from child process 333]
>> [Detaching after fork from child process 334]
>> [Detaching after fork from child process 335]
>> [Detaching after fork from child process 336]
>> [Detaching after fork from child process 337]
>> [Detaching after fork from child process 338]
>> [Detaching after fork from child process 339]
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [Detaching after fork from child process 340]
>> Loading composer repositories with package information
>>
>> Program received signal SIGSEGV, Segmentation fault.
>> 0x00007ffff7e66731 in _zval_ptr_dtor
(zval_ptr=0x7ffff6853f9000) at
>> /usr/src/debug/php-5.3.29/Zend/zend_execute_API.c:434
>> 434 zval *zv = *zval_ptr;
>> (gdb) bt
>> #0 0x00007ffff7e66731 in _zval_ptr_dtor
(zval_ptr=0x7ffff6853f9000)
>> at /usr/src/debug/php-5.3.29/Zend/zend_execute_API.c:434
>> #1 0x00007ffff7ec0f85 in zend_leave_helper_SPEC
>> (execute_data=execute_data@entry=0x7ffff6853eb0) at
>> /usr/src/debug/php-5.3.29/Zend/zend_vm_execute.h:160
>> #2 0x00007ffff7ec148a in ZEND_RETURN_SPEC_VAR_HANDLER
>> (execute_data=0x7ffff6853eb0) at
>> /usr/src/debug/php-5.3.29/Zend/zend_vm_execute.h:8255
>> #3 0x00007ffff7e99e61 in execute (op_array=0x131dec8) at
>> /usr/src/debug/php-5.3.29/Zend/zend_vm_execute.h:107
>> #4 0x00007ffff7e76597 in zend_execute_scripts
(type=type@entry=8,
>> retval=retval@entry=0x0, file_count=file_count@entry=3) at
>> /usr/src/debug/php-5.3.29/Zend/zend.c:1259
>> #5 0x00007ffff7e23d38 in php_execute_script
>> (primary_file=primary_file@entry=0x7fffffffd090) at
>> /usr/src/debug/php-5.3.29/main/main.c:2316
>> #6 0x0000000000404939 in main (argc=3, argv=0x7fffffffe458) at
>> /usr/src/debug/php-5.3.29/sapi/cli/php_cli.c:1189
>> (gdb)
