Re: openssl again makes php5.3 crash
Arkadiusz Miśkiewicz wrote: > I wasn't able to find the cause of this. Compared ext/openssl with 5.4 > (which doesn't segfault) and can't find the problem. > > Even backported ext/openssl from 5.4 to 5.3 still gets me segfaulting > php 5.3. > > So I think the problem is solved outside ext/openssl. > > Reproducer if anyone wants to look below. openssl.patch is broken. zval is struct not pointer, so type of local variables should be 'zval *' not bare zval. Fixed in repo as release 45. ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: openssl again makes php5.3 crash
On 05/02/2019 17:43, glen wrote:
> friendly ping!
I wasn't able to find the cause of this. Compared ext/openssl with 5.4
(which doesn't segfault) and can't find the problem.
Even backported ext/openssl from 5.4 to 5.3 still gets me segfaulting
php 5.3.
So I think the problem is solved outside ext/openssl.
Reproducer if anyone wants to look below.
I still plan to play with this more (because I'll be doing php 5.3
upgrades here in feb/march).
https://repo.packagist.org/packages.json';
function getCertificateFingerprint($certificate)
{
$publickey = openssl_get_publickey($certificate);
$pubkeydetails = openssl_pkey_get_details($publickey);
}
$options = array();
$defaultParams = array (
'options' =>
array (
'ssl' =>
array (
'capture_peer_cert' => true,
'verify_peer' => false,
),
),
);
$context = stream_context_create($options, $defaultParams);
if (false === $handle = @fopen($url, 'rb', false, $context)) {
return;
}
fclose($handle);
$handle = null;
$params = stream_context_get_params($context);
getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>
> On 2/1/19 4:41 PM, glen wrote:
>> (somewhy arekm wrote privately to me only).
>>
>> anyway, the rel 44 (from th-test) still fails:
>>
>> [root@2e971bacdb48 app]# echo '{}'> composer.json
>> [root@2e971bacdb48 app]# composer install; echo $?
>> Loading composer repositories with package information
>> 139
>> [root@2e971bacdb48 app]# rpm -q php53-common
>> php53-common-5.3.29-44.x86_64
>> [root@2e971bacdb48 app]#
>>
>> On 1/23/19 11:54 PM, Arkadiusz Miśkiewicz wrote:
>>> On 23/01/2019 22:00, Elan Ruusamäe wrote:
yes. it worked, with openssl 1.1 crashes
>>> php 5.4 doesn't crash.
>>>
>>> backported ext/openssl to 5.3 crashes.
>>>
>>> Fun.
>>>
On Wed, 23 Jan 2019 at 21:28, Arkadiusz Miśkiewicz >>> > wrote:
On 21/12/2018 12:51, glen wrote:
> can you please look?
Did this work with older openssl?
Because this bug is somehow related to
https://bugs.php.net/bug.php?id=61930
Simplified reproducer:
> >>> >
>
> $url = 'https://repo.packagist.org/packages.json';
>
> function getCertificateFingerprint($certificate)
> {
> $publickey = openssl_get_publickey($certificate);
> $pubkeydetails = openssl_pkey_get_details($publickey);
> }
>
> $options = array();
>
> $defaultParams = array (
> 'options' =>
> array (
> 'ssl' =>
> array (
> 'capture_peer_cert' => true,
> 'verify_peer' => false,
> ),
> ),
> );
>
> $context = stream_context_create($options, $defaultParams);
>
> if (false === $handle = @fopen($url, 'rb', false, $context)) {
> return;
> }
>
> fclose($handle);
> $handle = null;
>
> $params = stream_context_get_params($context);
>
>
getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>
>
> On 12/11/18 12:53 PM, Elan Ruusamäe wrote:
>>
>> $ docker run --privileged --rm -it
registry.gitlab.com/pld-linux/pld
sh
>>
>> [@42300ff78c63 /]# poldek -u --noask composer gdb
--ignore=*php4*
>> --ignore=*php52*
>>
>> [@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo
>> openssl-debuginfo
>>
>> [@42300ff78c63 /]# cd /tmp
>>
>> [@42300ff78c63 /tmp]# echo '{}' > composer.json
>>
>>
>> [@42300ff78c63 /tmp]# composer install
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Segmentation fault
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls true
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# composer install
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Updating dependencies (including require-dev)
>> Nothing to install or update
>> Generating autoload files
>> [@42300ff78c63 /tmp]#
>>
>> [@236200a329d5 r]# rpm -q php53-common openssl
>> php53-common-5.3.29-43.x86_64
>>
Re: openssl again makes php5.3 crash
friendly ping!
On 2/1/19 4:41 PM, glen wrote:
(somewhy arekm wrote privately to me only).
anyway, the rel 44 (from th-test) still fails:
[root@2e971bacdb48 app]# echo '{}'> composer.json
[root@2e971bacdb48 app]# composer install; echo $?
Loading composer repositories with package information
139
[root@2e971bacdb48 app]# rpm -q php53-common
php53-common-5.3.29-44.x86_64
[root@2e971bacdb48 app]#
On 1/23/19 11:54 PM, Arkadiusz Miśkiewicz wrote:
On 23/01/2019 22:00, Elan Ruusamäe wrote:
yes. it worked, with openssl 1.1 crashes
php 5.4 doesn't crash.
backported ext/openssl to 5.3 crashes.
Fun.
On Wed, 23 Jan 2019 at 21:28, Arkadiusz Miśkiewicz mailto:ar...@maven.pl>> wrote:
On 21/12/2018 12:51, glen wrote:
> can you please look?
Did this work with older openssl?
Because this bug is somehow related to
https://bugs.php.net/bug.php?id=61930
Simplified reproducer:
>
>
> $url = 'https://repo.packagist.org/packages.json';
>
> function getCertificateFingerprint($certificate)
> {
> $publickey = openssl_get_publickey($certificate);
> $pubkeydetails = openssl_pkey_get_details($publickey);
> }
>
> $options = array();
>
> $defaultParams = array (
> 'options' =>
> array (
> 'ssl' =>
> array (
> 'capture_peer_cert' => true,
> 'verify_peer' => false,
> ),
> ),
> );
>
> $context = stream_context_create($options, $defaultParams);
>
> if (false === $handle = @fopen($url, 'rb', false, $context)) {
> return;
> }
>
> fclose($handle);
> $handle = null;
>
> $params = stream_context_get_params($context);
>
>
getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>
>
> On 12/11/18 12:53 PM, Elan Ruusamäe wrote:
>>
>> $ docker run --privileged --rm -it
registry.gitlab.com/pld-linux/pld
sh
>>
>> [@42300ff78c63 /]# poldek -u --noask composer gdb
--ignore=*php4*
>> --ignore=*php52*
>>
>> [@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo
>> openssl-debuginfo
>>
>> [@42300ff78c63 /]# cd /tmp
>>
>> [@42300ff78c63 /tmp]# echo '{}' > composer.json
>>
>>
>> [@42300ff78c63 /tmp]# composer install
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Segmentation fault
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls true
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# composer install
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Updating dependencies (including require-dev)
>> Nothing to install or update
>> Generating autoload files
>> [@42300ff78c63 /tmp]#
>>
>> [@236200a329d5 r]# rpm -q php53-common openssl
>> php53-common-5.3.29-43.x86_64
>> openssl-1.1.1a-1.x86_64
>> [@236200a329d5 r]#
>>
>>
>>
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls false
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# gdb --args php /usr/bin/composer install
>> GNU gdb (GDB) 8.2-2 (PLD Linux)
>> Copyright (C) 2018 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later
>>
>> This is free software: you are free to change and
redistribute it.
>> There is NO WARRANTY, to the extent permitted by law.
>> Type "show copying" and "show warranty" for details.
>> This GDB was configured as "x86_64-pld-linux".
>> Type "show configuration" for configuration details.
>> For bug reporting instructions, please see:
>>
Re: openssl again makes php5.3 crash
(somewhy arekm wrote privately to me only).
anyway, the rel 44 (from th-test) still fails:
[root@2e971bacdb48 app]# echo '{}'> composer.json
[root@2e971bacdb48 app]# composer install; echo $?
Loading composer repositories with package information
139
[root@2e971bacdb48 app]# rpm -q php53-common
php53-common-5.3.29-44.x86_64
[root@2e971bacdb48 app]#
On 1/23/19 11:54 PM, Arkadiusz Miśkiewicz wrote:
On 23/01/2019 22:00, Elan Ruusamäe wrote:
yes. it worked, with openssl 1.1 crashes
php 5.4 doesn't crash.
backported ext/openssl to 5.3 crashes.
Fun.
On Wed, 23 Jan 2019 at 21:28, Arkadiusz Miśkiewicz mailto:ar...@maven.pl>> wrote:
On 21/12/2018 12:51, glen wrote:
> can you please look?
Did this work with older openssl?
Because this bug is somehow related to
https://bugs.php.net/bug.php?id=61930
Simplified reproducer:
>
>
> $url = 'https://repo.packagist.org/packages.json';
>
> function getCertificateFingerprint($certificate)
> {
> $publickey = openssl_get_publickey($certificate);
> $pubkeydetails = openssl_pkey_get_details($publickey);
> }
>
> $options = array();
>
> $defaultParams = array (
> 'options' =>
> array (
> 'ssl' =>
> array (
> 'capture_peer_cert' => true,
> 'verify_peer' => false,
> ),
> ),
> );
>
> $context = stream_context_create($options, $defaultParams);
>
> if (false === $handle = @fopen($url, 'rb', false, $context)) {
> return;
> }
>
> fclose($handle);
> $handle = null;
>
> $params = stream_context_get_params($context);
>
>
getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>
>
> On 12/11/18 12:53 PM, Elan Ruusamäe wrote:
>>
>> $ docker run --privileged --rm -it
registry.gitlab.com/pld-linux/pld
sh
>>
>> [@42300ff78c63 /]# poldek -u --noask composer gdb --ignore=*php4*
>> --ignore=*php52*
>>
>> [@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo
>> openssl-debuginfo
>>
>> [@42300ff78c63 /]# cd /tmp
>>
>> [@42300ff78c63 /tmp]# echo '{}' > composer.json
>>
>>
>> [@42300ff78c63 /tmp]# composer install
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Segmentation fault
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls true
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# composer install
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Updating dependencies (including require-dev)
>> Nothing to install or update
>> Generating autoload files
>> [@42300ff78c63 /tmp]#
>>
>> [@236200a329d5 r]# rpm -q php53-common openssl
>> php53-common-5.3.29-43.x86_64
>> openssl-1.1.1a-1.x86_64
>> [@236200a329d5 r]#
>>
>>
>>
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls false
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# gdb --args php /usr/bin/composer install
>> GNU gdb (GDB) 8.2-2 (PLD Linux)
>> Copyright (C) 2018 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later
>>
>> This is free software: you are free to change and redistribute it.
>> There is NO WARRANTY, to the extent permitted by law.
>> Type "show copying" and "show warranty" for details.
>> This GDB was configured as "x86_64-pld-linux".
>> Type "show configuration" for configuration details.
>> For bug reporting instructions, please see:
>>
