#29418 [Fbk->Opn]: OpenSSL mysteriously makes PHP segfault
ID: 29418 User updated by: sartre at gmail dot com Reported By: sartre at gmail dot com -Status: Feedback +Status: Open Bug Type: OpenSSL related Operating System: Linux (Slackware 10.0) PHP Version: 4.3.8 New Comment: There's a backtrace in the 'actual result' field.. Mysteriously it did not contain *any* zend routine. Whether this may or may not be a scripting bug, I (nor would any of we) didn't expect PHP to segfault (that's why I posted that). Thanks! Previous Comments: [2004-07-29 05:45:53] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a backtrace to see what is happening behind the scenes. To find out how to generate a backtrace, please read http://bugs.php.net/bugs-generating-backtrace.php Once you have generated a backtrace, please submit it to this bug report and change the status back to "Open". Thank you for helping us make PHP better. -------- [2004-07-28 05:26:02] sartre at gmail dot com Description: (using PHP 4.3.8 as the standalone executable, OpenSSL 0.9.7d) I was writing a regression script for testing my script but when signing a certificate with a CA I stumbled upon an unending delay (self-signed first and then signed against the generated CA in the same script). The PHP executable (I am not running apache) does not always reproduce the segfault. The *error* (forced in the script): The client uses the same private key as the CA. PS: It's my first time using OpenSSL in PHP, and I do not understand most of it, but I didn't expect to get a segfault. Reproduce code: --- $key = openssl_pkey_new (); $csr = openssl_csr_new ($dn, $key); openssl_csr_export ($csr, $csr_exported); $csr_signed = openssl_csr_sign ($csr, NULL, $key, 365); openssl_x509_export ($csr_signed, $x509_exported); openssl_pkey_export ($key, $key_exported, ''); $key_public = openssl_pkey_get_public ($x509_exported); $struct = openssl_x509_parse ($x509_exported); // set $dn to other value $cert_ca = openssl_x509_read ($x509_exported); $cert_cakey = openssl_pkey_get_private ($cert_client); $client_csr = openssl_csr_new ($dn, $cert_cakey); openssl_csr_export ($client_csr, $client_csr_exported); // here! openssl_csr_sign ($client_csr, $cert_ca, $cert_cakey, 365); // (I cannot continue) Expected result: Segfault Actual result: -- #0 0x40536bff in mallopt () from /lib/libc.so.6 #1 0x40535a2f in free () from /lib/libc.so.6 #2 0x08189e7d in shutdown_memory_manager () #3 0x0816e470 in php_request_shutdown () #4 0x081a82c0 in main () (I expected to see any SSL function called) -- Edit this bug report at http://bugs.php.net/?id=29418&edit=1
#29418 [NEW]: OpenSSL mysteriously makes PHP segfault
From: sartre at gmail dot com Operating system: Linux (Slackware 10.0) PHP version: 4.3.8 PHP Bug Type: OpenSSL related Bug description: OpenSSL mysteriously makes PHP segfault Description: (using PHP 4.3.8 as the standalone executable, OpenSSL 0.9.7d) I was writing a regression script for testing my script but when signing a certificate with a CA I stumbled upon an unending delay (self-signed first and then signed against the generated CA in the same script). The PHP executable (I am not running apache) does not always reproduce the segfault. The *error* (forced in the script): The client uses the same private key as the CA. PS: It's my first time using OpenSSL in PHP, and I do not understand most of it, but I didn't expect to get a segfault. Reproduce code: --- $key = openssl_pkey_new (); $csr = openssl_csr_new ($dn, $key); openssl_csr_export ($csr, $csr_exported); $csr_signed = openssl_csr_sign ($csr, NULL, $key, 365); openssl_x509_export ($csr_signed, $x509_exported); openssl_pkey_export ($key, $key_exported, ''); $key_public = openssl_pkey_get_public ($x509_exported); $struct = openssl_x509_parse ($x509_exported); // set $dn to other value $cert_ca = openssl_x509_read ($x509_exported); $cert_cakey = openssl_pkey_get_private ($cert_client); $client_csr = openssl_csr_new ($dn, $cert_cakey); openssl_csr_export ($client_csr, $client_csr_exported); // here! openssl_csr_sign ($client_csr, $cert_ca, $cert_cakey, 365); // (I cannot continue) Expected result: Segfault Actual result: -- #0 0x40536bff in mallopt () from /lib/libc.so.6 #1 0x40535a2f in free () from /lib/libc.so.6 #2 0x08189e7d in shutdown_memory_manager () #3 0x0816e470 in php_request_shutdown () #4 0x081a82c0 in main () (I expected to see any SSL function called) -- Edit bug report at http://bugs.php.net/?id=29418&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=29418&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=29418&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=29418&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=29418&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=29418&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=29418&r=needscript Try newer version: http://bugs.php.net/fix.php?id=29418&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=29418&r=support Expected behavior: http://bugs.php.net/fix.php?id=29418&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=29418&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=29418&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=29418&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=29418&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=29418&r=dst IIS Stability: http://bugs.php.net/fix.php?id=29418&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=29418&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=29418&r=float