#29418 [NEW]: OpenSSL mysteriously makes PHP segfault

Tue, 27 Jul 2004 20:26:09 -0700 

From:             sartre at gmail dot com
Operating system: Linux (Slackware 10.0)
PHP version:      4.3.8
PHP Bug Type:     OpenSSL related
Bug description:  OpenSSL mysteriously makes PHP segfault

Description:
------------
(using PHP 4.3.8 as the standalone executable, OpenSSL 0.9.7d)

I was writing a regression script for testing my script but when signing a
certificate with a CA I stumbled upon an unending delay (self-signed first
and then signed against the generated CA in the same script).

The PHP executable (I am not running apache) does not always reproduce the
segfault.

The *error* (forced in the script):
The client uses the same private key as the CA.

PS: It's my first time using OpenSSL in PHP, and I do not understand most
of it, but I didn't expect to get a segfault.


Reproduce code:
---------------
$key = openssl_pkey_new ();
$csr = openssl_csr_new ($dn, $key);
openssl_csr_export ($csr, $csr_exported);
$csr_signed = openssl_csr_sign ($csr, NULL, $key, 365);
openssl_x509_export ($csr_signed, $x509_exported);
openssl_pkey_export ($key, $key_exported, '');
$key_public = openssl_pkey_get_public ($x509_exported);
$struct = openssl_x509_parse ($x509_exported);
// set $dn to other value
$cert_ca = openssl_x509_read ($x509_exported);
$cert_cakey = openssl_pkey_get_private ($cert_client);
$client_csr = openssl_csr_new ($dn, $cert_cakey);
openssl_csr_export ($client_csr, $client_csr_exported);
// here!
openssl_csr_sign ($client_csr, $cert_ca, $cert_cakey, 365);

// (I cannot continue)


Expected result:
----------------
Segfault


Actual result:
--------------
#0  0x40536bff in mallopt () from /lib/libc.so.6
#1  0x40535a2f in free () from /lib/libc.so.6
#2  0x08189e7d in shutdown_memory_manager ()
#3  0x0816e470 in php_request_shutdown ()
#4  0x081a82c0 in main ()

(I expected to see any SSL function called)


-- 
Edit bug report at http://bugs.php.net/?id=29418&edit=1
-- 
Try a CVS snapshot (php4):  http://bugs.php.net/fix.php?id=29418&r=trysnapshot4
Try a CVS snapshot (php5):  http://bugs.php.net/fix.php?id=29418&r=trysnapshot5
Fixed in CVS:               http://bugs.php.net/fix.php?id=29418&r=fixedcvs
Fixed in release:           http://bugs.php.net/fix.php?id=29418&r=alreadyfixed
Need backtrace:             http://bugs.php.net/fix.php?id=29418&r=needtrace
Need Reproduce Script:      http://bugs.php.net/fix.php?id=29418&r=needscript
Try newer version:          http://bugs.php.net/fix.php?id=29418&r=oldversion
Not developer issue:        http://bugs.php.net/fix.php?id=29418&r=support
Expected behavior:          http://bugs.php.net/fix.php?id=29418&r=notwrong
Not enough info:            http://bugs.php.net/fix.php?id=29418&r=notenoughinfo
Submitted twice:            http://bugs.php.net/fix.php?id=29418&r=submittedtwice
register_globals:           http://bugs.php.net/fix.php?id=29418&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=29418&r=php3
Daylight Savings:           http://bugs.php.net/fix.php?id=29418&r=dst
IIS Stability:              http://bugs.php.net/fix.php?id=29418&r=isapi
Install GNU Sed:            http://bugs.php.net/fix.php?id=29418&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=29418&r=float

Reply via email to