ID: 15140
Comment by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Assigned
Bug Type: mcrypt related
Operating System: Redhat 7.2
PHP Version: 4.1.1
Assigned To: derick
New Comment:
Problem found in libmcrypt...
The cause of the SEGFAULT is due to the key being of the wrong length.
The only accepted values for key length are 16,24 and 32 bytes.
Otherwise this cause libmcrypt to generate a segfault for twofish.
Hope to find a way to correct libmcrypt to report gracefully that the
key length is wrong. If not it may need to be implemented in php (That
would be the BAD Way of doing it).
BG
Previous Comments:
------------------------------------------------------------------------
[2002-02-01 01:17:16] [EMAIL PROTECTED]
Derick,
Closer to a solution...
Mcrypt Bug is found but not fixed.
OK Here is the symptoms:
In The PHP Code the function mcrypt_generic_init (td, key_s,
key_size,iv_s) is called with key_size=19. (should be 16 and I don't
know why yet)
This will gives the segfault.
Try it in mcrypt-2.4.18/doc/example.c
change the line at the beginning of the main
int keysize=16; /* 128 bits */ to
int keysize=19; /* 128 bits */
Compile and BOOM Crash Segfault.
Ok Now why is php thinks the keysize should be 19.....
to test check this code:
The Culprit code is in <yourphpsource>/ext/mcrypt/mcrypt.c line 494
php-4.1.1
add the two line. You will see that Part 12 will never get executed for
twofish.
and keysize is 19.
added>>> fprintf(stderr, "MCRYPT Debug Part 11\nKey_s:%s,
\nKey_Size:%d,\nIV:%s, \nIV_S:%s, \n",key_s, key_size, iv_s);
result = mcrypt_generic_init (td, key_s, key_size, iv_s);
added>>> fprintf(stderr, "MCRYPT Debug Part 12\n");
Will come back with an answer
BG
------------------------------------------------------------------------
[2002-01-21 09:48:24] [EMAIL PROTECTED]
To be completely clear, Derick asked to file a bugreport in the
PHP-bugs-system about mcrypt not passing some PHP-tests, not to send
the mcrypt-folks a bugreport.
------------------------------------------------------------------------
[2002-01-21 07:22:12] [EMAIL PROTECTED]
That was quick.
I am also sending a Bug Report to mcrypt.
Testing with GOST Fail in the Same Way.
Works for the others listed below.
//T($user_id, MCRYPT_TWOFISH); // Generates Seg Fault.
//T($user_id, MCRYPT_GOST); // Crash The System like TWOFISH
T($user_id, MCRYPT_TripleDES); // Good
T($user_id, MCRYPT_BLOWFISH); // Good
T($user_id, MCRYPT_DES); // Good
T($user_id, MCRYPT_RC2); // Good
------------------------------------------------------------------------
[2002-01-21 07:10:31] [EMAIL PROTECTED]
I'll check this out, please file a bug report for mcrypt too (about not
passing make test).
Derick
------------------------------------------------------------------------
[2002-01-21 07:06:15] [EMAIL PROTECTED]
The Script as it is will work using Triple DES
Uncomment the TWOFISH Line At The Bottom of the code and you will get
the Segmentation Fault.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/?id=15140
Edit this bug report at http://bugs.php.net/?id=15140&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
