[Bug 1099793] [NEW] php 5.3.10 openssl_encrypt empty data
Public bug reported:

$ lsb_release -rd
Description:    Ubuntu 12.04.1 LTS
Release:        12.04

$ apt-cache policy php5
php5:
  Telepítve: 5.3.10-1ubuntu3.4
  Jelölt:    5.3.10-1ubuntu3.4
  Verziótáblázat:
 *** 5.3.10-1ubuntu3.4 0
        500 http://hu.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
        100 /var/lib/dpkg/status
     5.3.10-1ubuntu3 0
        500 http://hu.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

My libssl version:

libssl1.0.0:
  Telepítve: 1.0.1-4ubuntu5.5
  Jelölt:    1.0.1-4ubuntu5.5
  Verziótáblázat:
 *** 1.0.1-4ubuntu5.5 0
        500 http://hu.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1.0.1-4ubuntu5.3 0
        500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
     1.0.1-4ubuntu3 0
        500 http://hu.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

EXPECTED:
If you run test.php (attached) on the command line or as an Apache module, the expected output is binary data smaller than 40 bytes.

BUG:
On my system it outputs 32 kbyte, and contains a memory dump, PHP source code, PHP variable values etc.
It looks similar to a buffer overrun/overflow.

I've downloaded the PHP 5.3.10 source code. Could the following cause it?

php5-5.3.10/ext/openssl/openssl.c line 4716:

    if (data_len > 0) {
        EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len);
    }

If data IS nothing (empty), it does not call the EVP_EncryptUpdate() function.

** Affects: php5 (Ubuntu)
     Importance: Undecided
         Status: New

** Attachment added: run: php test.php
   https://bugs.launchpad.net/bugs/1099793/+attachment/3483887/+files/test.php

-- 
You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1099793

Title:
  php 5.3.10 openssl_encrypt empty data

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1099793/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
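A length check for the behaviour reported above, as an added example that is not the reporter's test.php and not code from the PHP project. It assumes AES in CBC mode (the attachment's cipher is not shown in the report); the function names, keys and IV are constructed for illustration. It compares the size of the raw output of openssl_encrypt() with the padded input size and prints lengths only, never the returned bytes.

```php
<?php
// Added regression check; not the reporter's test.php.
// Keys and IV are constructed sample values, not secrets.

// AES block size in bytes; default padding rounds every message up to it.
define('AES_BLOCK', 16);

// Raw ciphertext length for $n plaintext bytes: padding adds 1..16 bytes,
// so empty input must produce exactly one block.
function expected_len($n)
{
    return ((int) floor($n / AES_BLOCK) + 1) * AES_BLOCK;
}

// Returns a list of length mismatches for one cipher (empty list = OK).
function check_cipher($method, $keyLen)
{
    $key = str_repeat('k', $keyLen);
    $iv  = str_repeat("\0", openssl_cipher_iv_length($method));
    $bad = array();
    foreach (array(0, 1, 15, 16, 17) as $n) {
        // 4th argument true requests raw binary output instead of base64.
        $ct   = openssl_encrypt(str_repeat('A', $n), $method, $key, true, $iv);
        $got  = ($ct === false) ? -1 : strlen($ct);
        $want = expected_len($n);
        if ($got !== $want) {
            // Report lengths only; do not echo the returned bytes.
            $bad[] = sprintf('%s: %d-byte input -> %d bytes, expected %d',
                             $method, $n, $got, $want);
        }
    }
    return $bad;
}

$failures = array();
foreach (array('aes-128-cbc' => 16, 'aes-256-cbc' => 32) as $method => $keyLen) {
    $failures = array_merge($failures, check_cipher($method, $keyLen));
}

if ($failures) {
    echo implode("\n", $failures), "\n";
    exit(1);
}
echo "openssl_encrypt output lengths match the padded input length\n";
```

A mismatch on the 0-byte row is the condition described in the report; the exit status is non-zero in that case so the script can run in a package test or CI job.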