Re: openssl again makes php5.3 crash
Arkadiusz Miśkiewicz wrote: > I wasn't able to find the cause of this. Compared ext/openssl with 5.4 > (which doesn't segfault) and can't find the problem. > > Even backported ext/openssl from 5.4 to 5.3 still gets me segfaulting > php 5.3. > > So I think the problem is solved outside ext/openssl. > > Reproducer if anyone wants to look below. openssl.patch is broken. zval is struct not pointer, so type of local variables should be 'zval *' not bare zval. Fixed in repo as release 45. ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: openssl again makes php5.3 crash
On 05/02/2019 17:43, glen wrote:
> friendly ping!
I wasn't able to find the cause of this. Compared ext/openssl with 5.4
(which doesn't segfault) and can't find the problem.
Even backported ext/openssl from 5.4 to 5.3 still gets me segfaulting
php 5.3.
So I think the problem is solved outside ext/openssl.
Reproducer if anyone wants to look below.
I still plan to play with this more (because I'll be doing php 5.3
upgrades here in feb/march).
https://repo.packagist.org/packages.json';
function getCertificateFingerprint($certificate)
{
$publickey = openssl_get_publickey($certificate);
$pubkeydetails = openssl_pkey_get_details($publickey);
}
$options = array();
$defaultParams = array (
'options' =>
array (
'ssl' =>
array (
'capture_peer_cert' => true,
'verify_peer' => false,
),
),
);
$context = stream_context_create($options, $defaultParams);
if (false === $handle = @fopen($url, 'rb', false, $context)) {
return;
}
fclose($handle);
$handle = null;
$params = stream_context_get_params($context);
getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>
> On 2/1/19 4:41 PM, glen wrote:
>> (somewhy arekm wrote privately to me only).
>>
>> anyway, the rel 44 (from th-test) still fails:
>>
>> [root@2e971bacdb48 app]# echo '{}'> composer.json
>> [root@2e971bacdb48 app]# composer install; echo $?
>> Loading composer repositories with package information
>> 139
>> [root@2e971bacdb48 app]# rpm -q php53-common
>> php53-common-5.3.29-44.x86_64
>> [root@2e971bacdb48 app]#
>>
>> On 1/23/19 11:54 PM, Arkadiusz Miśkiewicz wrote:
>>> On 23/01/2019 22:00, Elan Ruusamäe wrote:
yes. it worked, with openssl 1.1 crashes
>>> php 5.4 doesn't crash.
>>>
>>> backported ext/openssl to 5.3 crashes.
>>>
>>> Fun.
>>>
On Wed, 23 Jan 2019 at 21:28, Arkadiusz Miśkiewicz >>> > wrote:
On 21/12/2018 12:51, glen wrote:
> can you please look?
Did this work with older openssl?
Because this bug is somehow related to
https://bugs.php.net/bug.php?id=61930
Simplified reproducer:
> >>> >
>
> $url = 'https://repo.packagist.org/packages.json';
>
> function getCertificateFingerprint($certificate)
> {
> $publickey = openssl_get_publickey($certificate);
> $pubkeydetails = openssl_pkey_get_details($publickey);
> }
>
> $options = array();
>
> $defaultParams = array (
> 'options' =>
> array (
> 'ssl' =>
> array (
> 'capture_peer_cert' => true,
> 'verify_peer' => false,
> ),
> ),
> );
>
> $context = stream_context_create($options, $defaultParams);
>
> if (false === $handle = @fopen($url, 'rb', false, $context)) {
> return;
> }
>
> fclose($handle);
> $handle = null;
>
> $params = stream_context_get_params($context);
>
>
getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>
>
> On 12/11/18 12:53 PM, Elan Ruusamäe wrote:
>>
>> $ docker run --privileged --rm -it
registry.gitlab.com/pld-linux/pld
sh
>>
>> [@42300ff78c63 /]# poldek -u --noask composer gdb
--ignore=*php4*
>> --ignore=*php52*
>>
>> [@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo
>> openssl-debuginfo
>>
>> [@42300ff78c63 /]# cd /tmp
>>
>> [@42300ff78c63 /tmp]# echo '{}' > composer.json
>>
>>
>> [@42300ff78c63 /tmp]# composer install
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Segmentation fault
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls true
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# composer install
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Updating dependencies (including require-dev)
>> Nothing to install or update
>> Generating autoload files
>> [@42300ff78c63 /tmp]#
>>
>> [@236200a329d5 r]# rpm -q php53-common openssl
>> php53-common-5.3.29-43.x86_64
>>
Re: openssl again makes php5.3 crash
friendly ping!
On 2/1/19 4:41 PM, glen wrote:
(somewhy arekm wrote privately to me only).
anyway, the rel 44 (from th-test) still fails:
[root@2e971bacdb48 app]# echo '{}'> composer.json
[root@2e971bacdb48 app]# composer install; echo $?
Loading composer repositories with package information
139
[root@2e971bacdb48 app]# rpm -q php53-common
php53-common-5.3.29-44.x86_64
[root@2e971bacdb48 app]#
On 1/23/19 11:54 PM, Arkadiusz Miśkiewicz wrote:
On 23/01/2019 22:00, Elan Ruusamäe wrote:
yes. it worked, with openssl 1.1 crashes
php 5.4 doesn't crash.
backported ext/openssl to 5.3 crashes.
Fun.
On Wed, 23 Jan 2019 at 21:28, Arkadiusz Miśkiewicz mailto:ar...@maven.pl>> wrote:
On 21/12/2018 12:51, glen wrote:
> can you please look?
Did this work with older openssl?
Because this bug is somehow related to
https://bugs.php.net/bug.php?id=61930
Simplified reproducer:
>
>
> $url = 'https://repo.packagist.org/packages.json';
>
> function getCertificateFingerprint($certificate)
> {
> $publickey = openssl_get_publickey($certificate);
> $pubkeydetails = openssl_pkey_get_details($publickey);
> }
>
> $options = array();
>
> $defaultParams = array (
> 'options' =>
> array (
> 'ssl' =>
> array (
> 'capture_peer_cert' => true,
> 'verify_peer' => false,
> ),
> ),
> );
>
> $context = stream_context_create($options, $defaultParams);
>
> if (false === $handle = @fopen($url, 'rb', false, $context)) {
> return;
> }
>
> fclose($handle);
> $handle = null;
>
> $params = stream_context_get_params($context);
>
>
getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>
>
> On 12/11/18 12:53 PM, Elan Ruusamäe wrote:
>>
>> $ docker run --privileged --rm -it
registry.gitlab.com/pld-linux/pld
sh
>>
>> [@42300ff78c63 /]# poldek -u --noask composer gdb
--ignore=*php4*
>> --ignore=*php52*
>>
>> [@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo
>> openssl-debuginfo
>>
>> [@42300ff78c63 /]# cd /tmp
>>
>> [@42300ff78c63 /tmp]# echo '{}' > composer.json
>>
>>
>> [@42300ff78c63 /tmp]# composer install
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Segmentation fault
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls true
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# composer install
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Updating dependencies (including require-dev)
>> Nothing to install or update
>> Generating autoload files
>> [@42300ff78c63 /tmp]#
>>
>> [@236200a329d5 r]# rpm -q php53-common openssl
>> php53-common-5.3.29-43.x86_64
>> openssl-1.1.1a-1.x86_64
>> [@236200a329d5 r]#
>>
>>
>>
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls false
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# gdb --args php /usr/bin/composer install
>> GNU gdb (GDB) 8.2-2 (PLD Linux)
>> Copyright (C) 2018 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later
>>
>> This is free software: you are free to change and
redistribute it.
>> There is NO WARRANTY, to the extent permitted by law.
>> Type "show copying" and "show warranty" for details.
>> This GDB was configured as "x86_64-pld-linux".
>> Type "show configuration" for configuration details.
>> For bug reporting instructions, please see:
>>
Re: openssl again makes php5.3 crash
(somewhy arekm wrote privately to me only).
anyway, the rel 44 (from th-test) still fails:
[root@2e971bacdb48 app]# echo '{}'> composer.json
[root@2e971bacdb48 app]# composer install; echo $?
Loading composer repositories with package information
139
[root@2e971bacdb48 app]# rpm -q php53-common
php53-common-5.3.29-44.x86_64
[root@2e971bacdb48 app]#
On 1/23/19 11:54 PM, Arkadiusz Miśkiewicz wrote:
On 23/01/2019 22:00, Elan Ruusamäe wrote:
yes. it worked, with openssl 1.1 crashes
php 5.4 doesn't crash.
backported ext/openssl to 5.3 crashes.
Fun.
On Wed, 23 Jan 2019 at 21:28, Arkadiusz Miśkiewicz mailto:ar...@maven.pl>> wrote:
On 21/12/2018 12:51, glen wrote:
> can you please look?
Did this work with older openssl?
Because this bug is somehow related to
https://bugs.php.net/bug.php?id=61930
Simplified reproducer:
>
>
> $url = 'https://repo.packagist.org/packages.json';
>
> function getCertificateFingerprint($certificate)
> {
> $publickey = openssl_get_publickey($certificate);
> $pubkeydetails = openssl_pkey_get_details($publickey);
> }
>
> $options = array();
>
> $defaultParams = array (
> 'options' =>
> array (
> 'ssl' =>
> array (
> 'capture_peer_cert' => true,
> 'verify_peer' => false,
> ),
> ),
> );
>
> $context = stream_context_create($options, $defaultParams);
>
> if (false === $handle = @fopen($url, 'rb', false, $context)) {
> return;
> }
>
> fclose($handle);
> $handle = null;
>
> $params = stream_context_get_params($context);
>
>
getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>
>
> On 12/11/18 12:53 PM, Elan Ruusamäe wrote:
>>
>> $ docker run --privileged --rm -it
registry.gitlab.com/pld-linux/pld
sh
>>
>> [@42300ff78c63 /]# poldek -u --noask composer gdb --ignore=*php4*
>> --ignore=*php52*
>>
>> [@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo
>> openssl-debuginfo
>>
>> [@42300ff78c63 /]# cd /tmp
>>
>> [@42300ff78c63 /tmp]# echo '{}' > composer.json
>>
>>
>> [@42300ff78c63 /tmp]# composer install
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Segmentation fault
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls true
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# composer install
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> Loading composer repositories with package information
>> Updating dependencies (including require-dev)
>> Nothing to install or update
>> Generating autoload files
>> [@42300ff78c63 /tmp]#
>>
>> [@236200a329d5 r]# rpm -q php53-common openssl
>> php53-common-5.3.29-43.x86_64
>> openssl-1.1.1a-1.x86_64
>> [@236200a329d5 r]#
>>
>>
>>
>>
>> [@42300ff78c63 /tmp]# composer config -g -- disable-tls false
>> You are running Composer with SSL/TLS protection disabled.
>> Do not run Composer as root/super user! See
>> https://getcomposer.org/root for details
>> [@42300ff78c63 /tmp]# gdb --args php /usr/bin/composer install
>> GNU gdb (GDB) 8.2-2 (PLD Linux)
>> Copyright (C) 2018 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later
>>
>> This is free software: you are free to change and redistribute it.
>> There is NO WARRANTY, to the extent permitted by law.
>> Type "show copying" and "show warranty" for details.
>> This GDB was configured as "x86_64-pld-linux".
>> Type "show configuration" for configuration details.
>> For bug reporting instructions, please see:
>>
openssl again makes php5.3 crash
$ docker run --privileged --rm -it registry.gitlab.com/pld-linux/pld sh
[@42300ff78c63 /]# poldek -u --noask composer gdb --ignore=*php4*
--ignore=*php52*
[@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo
openssl-debuginfo
[@42300ff78c63 /]# cd /tmp
[@42300ff78c63 /tmp]# echo '{}' > composer.json
[@42300ff78c63 /tmp]# composer install
Do not run Composer as root/super user! See https://getcomposer.org/root
for details
Loading composer repositories with package information
Segmentation fault
[@42300ff78c63 /tmp]# composer config -g -- disable-tls true
Do not run Composer as root/super user! See https://getcomposer.org/root
for details
[@42300ff78c63 /tmp]# composer install
You are running Composer with SSL/TLS protection disabled.
Do not run Composer as root/super user! See https://getcomposer.org/root
for details
Loading composer repositories with package information
Updating dependencies (including require-dev)
Nothing to install or update
Generating autoload files
[@42300ff78c63 /tmp]#
[@236200a329d5 r]# rpm -q php53-common openssl
php53-common-5.3.29-43.x86_64
openssl-1.1.1a-1.x86_64
[@236200a329d5 r]#
[@42300ff78c63 /tmp]# composer config -g -- disable-tls false
You are running Composer with SSL/TLS protection disabled.
Do not run Composer as root/super user! See https://getcomposer.org/root
for details
[@42300ff78c63 /tmp]# gdb --args php /usr/bin/composer install
GNU gdb (GDB) 8.2-2 (PLD Linux)
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pld-linux".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
