Edit report at http://bugs.php.net/bug.php?id=54060&edit=1
ID: 54060 User updated by: dovbysh at gmail dot com Reported by: dovbysh at gmail dot com Summary: Memory leaks when openssl_encrypt called -Status: Closed +Status: Assigned Type: Bug Package: OpenSSL related -Operating System: +Operating System: Any PHP Version: 5.3SVN-2011-02-21 (snap) Assigned To: pajoye Block user comment: N Private report: N New Comment: openssl_decrypt appears this bug too... test script: <?php $data = "jfdslkjvflsdkjvlkfjvlkjfvlkdm,4w 043920r 9234r 32904r 09243 r7-89437 r892374 r894372 r894 7289r7 f frwerfh i iurf iuryw uyrfouiwy ruy 972439 8478942 yrhfjkdhls"; $pass = "r23498rui324hjbnkj"; $maxi = 200000; $t = microtime(1); for ($i=0;$i<$maxi; $i++){ $cr = openssl_encrypt($data.$i, 'des3', $pass, false, '1qazxsw2'); $dcr = openssl_decrypt($cr, 'des3', $pass, false, '1qazxsw2'); if ($dcr != $data.$i){ print "at step $i decryption failed\n"; } } $t = microtime(1)-$t; print "mode: openssl_encrypt ($maxi) tests takes ".$t."secs ".($maxi/$t)."#/sec \n"; ?> fixes by add this code at line 4818 at the end of openssl_decrypt: EVP_CIPHER_CTX_cleanup(&cipher_ctx); Previous Comments: ------------------------------------------------------------------------ [2011-02-21 11:07:49] paj...@php.net This bug has been fixed in SVN. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. ------------------------------------------------------------------------ [2011-02-21 11:07:33] paj...@php.net Automatic comment from SVN on behalf of pajoye Revision: http://svn.php.net/viewvc/?view=revision&revision=308531 Log: - fix bug #54060, memory leak in openssl_encrypt ------------------------------------------------------------------------ [2011-02-21 10:48:43] paj...@php.net verified, patch on its way. ------------------------------------------------------------------------ [2011-02-21 09:16:10] dovbysh at gmail dot com Description: ------------ Memory leaks when I call openssl_encrypt. Test script shows that. I've watch at ext/openssl/openssl.c and according to http://www.openssl.org/docs/crypto/EVP_EncryptInit.html (see example at the bottom) you should free cipher_ctx. So I've put EVP_CIPHER_CTX_cleanup(&cipher_ctx); at line 4722 before RETVAL_STRINGL(base64_str, base64_str_len, 0); Recompile php (make && make install) and after start test (mem_non_leaks.log) I have decreaced memory leakes. It's seems, it's not compleate patch With memory leakes: valgrind --log-file=mem_eak.log --leak-check=full ~/php5.3/bin/php -d extension=openssl.so crypt_test_openssl.php Report: ==31035== 76,713,600 bytes in 199,775 blocks are definitely lost in loss record 128 of 128 ==31035== at 0x4A05E1C: malloc (vg_replace_malloc.c:195) ==31035== by 0x35670DAD91: CRYPTO_malloc (in /lib64/libcrypto.so.0.9.8e) ==31035== by 0x35670D9450: EVP_CipherInit_ex (in /lib64/libcrypto.so.0.9.8e) ==31035== by 0x861079C: ??? ==31035== by 0x76BED1: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:316) ==31035== by 0x771E17: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:1606) ==31035== by 0x76AEED: execute (zend_vm_execute.h:107) ==31035== by 0x737E93: zend_execute_scripts (zend.c:1194) ==31035== by 0x6B72E5: php_execute_script (main.c:2268) ==31035== by 0x82AFA7: main (php_cli.c:1193) ==31035== ==31035== LEAK SUMMARY: ==31035== definitely lost: 76,713,984 bytes in 199,776 blocks ==31035== indirectly lost: 0 bytes in 0 blocks ==31035== possibly lost: 74,880 bytes in 195 blocks ==31035== still reachable: 100,809 bytes in 1,688 blocks ==31035== suppressed: 0 bytes in 0 blocks Almost without memory leaks: valgrind --log-file=mem_non_leaks.log --leak-check=full /home/dovbyshko/php5.3/bin/php -d extension=openssl.so crypt_test_openssl.php ==19014== LEAK SUMMARY: ==19014== definitely lost: 384 bytes in 1 blocks ==19014== indirectly lost: 0 bytes in 0 blocks ==19014== possibly lost: 0 bytes in 0 blocks ==19014== still reachable: 88,905 bytes in 1,657 blocks ==19014== suppressed: 0 bytes in 0 blocks Test script: --------------- <?php $data = "jfdslkjvflsdkjvlkfjvlkjfvlkdm,4w 043920r 9234r 32904r 09243 r7-89437 r892374 r894372 r894 7289r7 f frwerfh i iurf iuryw uyrfouiwy ruy 972439 8478942 yrhfjkdhls"; $pass = "r23498rui324hjbnkj"; $maxi = 200000; $t = microtime(1); for ($i=0;$i<$maxi; $i++){ openssl_encrypt($data.$i, 'des3', $pass, false, '1qazxsw2'); } $t = microtime(1)-$t; print "mode: openssl_encrypt ($maxi) tests takes ".$t."secs ".($maxi/$t)."#/sec \n"; ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/bug.php?id=54060&edit=1