From: [EMAIL PROTECTED]
Operating system: Linux i386
PHP version: 4.0 Latest CVS (2001-07-01)
PHP Bug Type: mhash related
Bug description: segfault in mhash_keygen_s2k()
According to the PHP docs, the salt parameter hasa fixed length of 8 bytes. Using
lengths over 8 bytes causes a segfault in Apache.
PHP compiled as a DSO, mhash-0.8.9 compiled statically into PHP.
Sample scripts.
This does not segfault.
$salt = "oksalt";
$password = "cthulu";
$hash = mhash_keygen_s2k(MHASH_MD5, $password, $salt, 16);
This does.
$salt = "a longer bad salt";
$password = "cthulu";
$hash = mhash_keygen_s2k(MHASH_MD5, $password, $salt, 16);
Backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x4022682b in php_if_mhash_keygen_s2k (ht=4, return_value=0x812263c,
this_ptr=0x0, return_value_used=1) at mhash.c:245
245 hashid = Z_LVAL_PP(hash);
(gdb) bt
#0 0x4022682b in php_if_mhash_keygen_s2k (ht=4, return_value=0x812263c,
this_ptr=0x0, return_value_used=1) at mhash.c:245
#1 0x401f7969 in execute (op_array=0x811bab4) at ./zend_execute.c:1504
#2 0x4020617e in zend_execute_scripts (type=8, file_count=3) at zend.c:750
#3 0x402182b4 in php_execute_script (primary_file=0xbffffa88) at main.c:1265
#4 0x4021495f in apache_php_module_main (r=0x811995c, display_source_mode=0)
at sapi_apache.c:90
#5 0x4021533e in send_php (r=0x811995c, display_source_mode=0, filename=0x0)
at mod_php4.c:581
#6 0x4021537a in send_parsed_php (r=0x811995c) at mod_php4.c:594
#7 0x8054929 in ap_invoke_handler ()
#8 0x80691cf in process_request_internal ()
#9 0x8069236 in ap_process_request ()
#10 0x80601b6 in child_main ()
#11 0x8060371 in make_child ()
#12 0x80604ec in startup_children ()
#13 0x8060b5c in standalone_main ()
#14 0x806138c in main ()
#15 0x4008c38b in __libc_start_main () from /lib/libc.so.6
--
Edit Bug report at: http://bugs.php.net/?id=11817&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
