Bug #63297 [Com]: Phar fails to write an openssl based signature

a...@php.net Tue, 23 Oct 2012 08:31:10 -0700

Edit report at https://bugs.php.net/bug.php?id=63297&edit=1


 ID:                 63297
 Comment by:         a...@php.net
 Reported by:        a...@php.net
 Summary:            Phar fails to write an openssl based signature
 Status:             Open
 Type:               Bug
 Package:            PHAR related
 Operating System:   irrelevant
 PHP Version:        5.3Git-2012-10-17 (Git)
 Block user comment: N
 Private report:     N

 New Comment:

I've tried with the following snippet: 

============= START SNIPPET ================

#include <stdlib.h>

#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>

int
main(int argc, char *argv[])
{
    EVP_MD_CTX *mdctx = NULL;
    unsigned char sign_value[1024];
    int sign_len, i;
    EVP_PKEY *pkey = NULL;
    RSA *rpkey = NULL;
    FILE *rpkey_file;

    mdctx = EVP_MD_CTX_create();

    rpkey_file = fopen("./rsa.key", "r");
    if (!rpkey_file) {
        return 3;
    }
    PEM_read_RSAPrivateKey(rpkey_file, &rpkey, NULL, NULL);

    pkey = EVP_PKEY_new();
    EVP_PKEY_set1_RSA(pkey, rpkey);

    EVP_SignInit_ex(mdctx, EVP_sha1(), NULL);
    EVP_SignUpdate(mdctx, "abracadabra0", strlen("abracadabra0"));
    EVP_SignUpdate(mdctx, "abracadabra1", strlen("abracadabra1"));
    EVP_SignUpdate(mdctx, "abracadabra2", strlen("abracadabra2"));
    EVP_SignUpdate(mdctx, "abracadabra3", strlen("abracadabra3"));
    EVP_SignUpdate(mdctx, "abracadabra4", strlen("abracadabra4"));
    EVP_SignFinal(mdctx, sign_value, (unsigned int *)&sign_len, pkey);

    sign_value[sign_len] = '\0';
    EVP_MD_CTX_destroy(mdctx);

    printf("Signature is: ");
    for(i = 0; i < sign_len; i++) {
        printf("%02x", sign_value[i]);
    }
    printf("\n");

    fclose(rpkey_file);

    return 0;
}

============= END SNIPPET ================

It does the same thing as the code in the phar extension producing a signature. 
Running that with valgrind gives a bunch of messages about openssl. After 
reading the openssl wiki http://www.openssl.org/support/faq.html#PROG13 I think 
the actual issue here is that no cleanup is performed on openssl, but that's a 
more global issue.

Thus, there is no clean run with or without the patch using valgrind. But the 
patch fixes the test run on windows, so i think it's worth to apply it.


Previous Comments:
------------------------------------------------------------------------
[2012-10-23 09:20:20] a...@php.net

Note that the previous trace was produced on CentOS using openssl 1.0.0 where 
under windows the bug shows up with openssl 0.9.8x .

------------------------------------------------------------------------
[2012-10-23 08:50:14] a...@php.net

Running with the valgrind, there is the following trace:

==22867== Use of uninitialised value of size 4
==22867==    at 0x829FFF2: phar_hex_str (util.c:1641)
==22867==    by 0x82A0ED4: phar_create_signature (util.c:2212)
==22867==    by 0x82A5923: phar_tar_flush (tar.c:1159)
==22867==    by 0x82C4CDF: phar_flush (phar.c:2611)
==22867==    by 0x82D31DD: zim_Phar_setSignatureAlgorithm (phar_object.c:3124)
==22867==    by 0x85AE738: zend_do_fcall_common_helper_SPEC 
(zend_vm_execute.h:320)
==22867==    by 0x85AEDDA: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER 
(zend_vm_execute.h:425)
==22867==    by 0x85ADC35: execute (zend_vm_execute.h:107)
==22867==    by 0x857C919: zend_execute_scripts (zend.c:1236)
==22867==    by 0x8505EB0: php_execute_script (main.c:2308)
==22867==    by 0x864F24A: main (php_cli.c:1189)
==22867==
==22867== Use of uninitialised value of size 4
==22867==    at 0x82A0019: phar_hex_str (util.c:1642)
==22867==    by 0x82A0ED4: phar_create_signature (util.c:2212)
==22867==    by 0x82A5923: phar_tar_flush (tar.c:1159)
==22867==    by 0x82C4CDF: phar_flush (phar.c:2611)
==22867==    by 0x82D31DD: zim_Phar_setSignatureAlgorithm (phar_object.c:3124)
==22867==    by 0x85AE738: zend_do_fcall_common_helper_SPEC 
(zend_vm_execute.h:320)
==22867==    by 0x85AEDDA: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER 
(zend_vm_execute.h:425)
==22867==    by 0x85ADC35: execute (zend_vm_execute.h:107)
==22867==    by 0x857C919: zend_execute_scripts (zend.c:1236)
==22867==    by 0x8505EB0: php_execute_script (main.c:2308)
==22867==    by 0x864F24A: main (php_cli.c:1189)
==22867==
==22867==
==22867== Syscall param write(buf) points to uninitialised byte(s)
==22867==    at 0x24E363: __write_nocancel (syscall-template.S:82)
==22867==    by 0x851F8A9: _php_stream_write_buffer (streams.c:1055)
==22867==    by 0x851FB5D: _php_stream_write (streams.c:1166)
==22867==    by 0x82A5A75: phar_tar_flush (tar.c:1190)
==22867==    by 0x82C4CDF: phar_flush (phar.c:2611)
==22867==    by 0x82D31DD: zim_Phar_setSignatureAlgorithm (phar_object.c:3124)
==22867==    by 0x85AE738: zend_do_fcall_common_helper_SPEC 
(zend_vm_execute.h:320)
==22867==    by 0x85AEDDA: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER 
(zend_vm_execute.h:425)
==22867==    by 0x85ADC35: execute (zend_vm_execute.h:107)
==22867==    by 0x857C919: zend_execute_scripts (zend.c:1236)
==22867==    by 0x8505EB0: php_execute_script (main.c:2308)
==22867==    by 0x864F24A: main (php_cli.c:1189)
==22867==  Address 0x58ae570 is 0 bytes inside a block of size 129 alloc'd
==22867==    at 0x400682F: malloc (vg_replace_malloc.c:236)
==22867==    by 0x855734A: _emalloc (zend_alloc.c:2348)
==22867==    by 0x82A0C15: phar_create_signature (util.c:2145)
==22867==    by 0x82A5923: phar_tar_flush (tar.c:1159)
==22867==    by 0x82C4CDF: phar_flush (phar.c:2611)
==22867==    by 0x82D31DD: zim_Phar_setSignatureAlgorithm (phar_object.c:3124)
==22867==    by 0x85AE738: zend_do_fcall_common_helper_SPEC 
(zend_vm_execute.h:320)
==22867==    by 0x85AEDDA: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER 
(zend_vm_execute.h:425)
==22867==    by 0x85ADC35: execute (zend_vm_execute.h:107)
==22867==    by 0x857C919: zend_execute_scripts (zend.c:1236)
==22867==    by 0x8505EB0: php_execute_script (main.c:2308)
==22867==    by 0x864F24A: main (php_cli.c:1189)
==22867==

------------------------------------------------------------------------
[2012-10-17 22:13:53] mattfic...@php.net

Iâve tried your patch on PHP_5_4â¦

All 3 of those tests pass for me. The only failing test I get is 
fatal_error_webphar.phpt.

------------------------------------------------------------------------
[2012-10-17 09:25:42] a...@php.net

After looking close I can see the same behaviour on this three tests

ext\phar\tests\tar\phar_setsignaturealgo2.phpt
ext\phar\tests\test_signaturealgos.phpt
ext\phar\tests\zip\phar_setsignaturealgo2.phpt

and also on 5.4 ... just a side note.

------------------------------------------------------------------------
[2012-10-17 09:22:18] a...@php.net

The following patch has been added/updated:

Patch Name: bug63297
Revision:   1350465738
URL:        
https://bugs.php.net/patch-display.php?bug=63297&patch=bug63297&revision=1350465738

------------------------------------------------------------------------


The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

    https://bugs.php.net/bug.php?id=63297


-- 
Edit this bug report at https://bugs.php.net/bug.php?id=63297&edit=1

Bug #63297 [Com]: Phar fails to write an openssl based signature

Reply via email to