[Bug 1099793] [NEW] php 5.3.10 openssl_encrypt empty data

2013-01-15 Thread attb2
Public bug reported:

$ lsb_release -rd
Description:    Ubuntu 12.04.1 LTS
Release:        12.04

$ apt-cache policy php5
php5:
  Telepítve: 5.3.10-1ubuntu3.4
  Jelölt: 5.3.10-1ubuntu3.4
  Verziótáblázat:
 *** 5.3.10-1ubuntu3.4 0
        500 http://hu.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
        100 /var/lib/dpkg/status
     5.3.10-1ubuntu3 0
        500 http://hu.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

My libssl version:
libssl1.0.0:
  Telepítve: 1.0.1-4ubuntu5.5
  Jelölt: 1.0.1-4ubuntu5.5
  Verziótáblázat:
 *** 1.0.1-4ubuntu5.5 0
        500 http://hu.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1.0.1-4ubuntu5.3 0
        500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
     1.0.1-4ubuntu3 0
        500 http://hu.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

EXPECTED:
If you run test.php (attached) on the command line or as an Apache module, the
expected output is binary data smaller than 40 bytes.

BUG:
On my system it outputs 32 kbyte, and contains a memory dump, PHP source code, PHP
variable values etc.
It looks similar to a buffer overrun/overflow.

I've downloaded the PHP 5.3.10 source code. Could the following cause it?

php5-5.3.10/ext/openssl/openssl.c line 4716:
    if (data_len > 0) {
        EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
    }

If data IS nothing (empty), it does not call the EVP_EncryptUpdate()
function.

** Affects: php5 (Ubuntu)
 Importance: Undecided
 Status: New

** Attachment added: run: php test.php
   https://bugs.launchpad.net/bugs/1099793/+attachment/3483887/+files/test.php

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1099793
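
The question raised in the report, worked through as an added example (not PHP's or OpenSSL's code, and not part of the original message): a model of the output-length accounting when the update call is skipped for empty input. It assumes, beyond what the report quotes, that `i` is declared without an initializer and is then used as the offset and length for the final block; `model_update`, `model_final`, `BLOCK` and `stale` are hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdio.h>

#define BLOCK 16 /* block size of the stand-in cipher (constructed) */

/* Stand-ins for EVP_EncryptUpdate / EVP_EncryptFinal. They model only how the
 * output-length argument is set; nothing is encrypted. */
static int model_update(int *outl, int inl) { *outl = inl - inl % BLOCK; return 1; }
static int model_final(int *outl)           { *outl = BLOCK;            return 1; }

/* Pattern under discussion: the update call is skipped for empty input, so
 * `i` keeps its previous value. `stale` stands in for that leftover value
 * (assumption: the report does not show how `i` is declared). */
long length_unguarded(int data_len, int stale)
{
    int i = stale;              /* models "int i;" with no initializer */
    long outlen;

    if (data_len > 0)
        model_update(&i, data_len);
    outlen = i;                 /* offset where the final block would land */
    if (model_final(&i))
        outlen += i;
    return outlen;              /* bytes the caller would hand back */
}

/* Hardened form: initialize the length, check every return value, and refuse
 * a total larger than the allocated buffer. Returns -1 on failure. */
long length_guarded(int data_len, size_t capacity)
{
    int i = 0;                  /* defined even when update is skipped */
    long outlen;

    if (data_len < 0 || (data_len > 0 && !model_update(&i, data_len)))
        return -1;
    outlen = i;
    if ((size_t)outlen + BLOCK > capacity || !model_final(&i))
        return -1;
    return outlen + i;
}

int main(void)
{
    printf("empty input, stale i=32768: %ld bytes\n", length_unguarded(0, 32768));
    printf("empty input, guarded:       %ld bytes\n", length_guarded(0, BLOCK));
    return 0;
}
```

With non-empty input both functions agree, because the update call overwrites `i` before it is read; only the empty-input path differs.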


