openssl again makes php5.3 crash

glen glen at pld-linux.org
Tue Feb 5 17:43:01 CET 2019 

friendly ping!

On 2/1/19 4:41 PM, glen wrote:
> (somewhy arekm wrote privately to me only).
>
> anyway, the rel 44 (from th-test) still fails:
>
> [root at 2e971bacdb48 app]# echo '{}'> composer.json
> [root at 2e971bacdb48 app]# composer install; echo $?
> Loading composer repositories with package information
> 139
> [root at 2e971bacdb48 app]# rpm -q php53-common
> php53-common-5.3.29-44.x86_64
> [root at 2e971bacdb48 app]#
>
> On 1/23/19 11:54 PM, Arkadiusz Miśkiewicz wrote:
>> On 23/01/2019 22:00, Elan Ruusamäe wrote:
>>> yes. it worked, with openssl 1.1 crashes
>> php 5.4 doesn't crash.
>>
>> backported ext/openssl to 5.3 crashes.
>>
>> Fun.
>>
>>> On Wed, 23 Jan 2019 at 21:28, Arkadiusz Miśkiewicz <arekm at maven.pl
>>> <mailto:arekm at maven.pl>> wrote:
>>>
>>>      On 21/12/2018 12:51, glen wrote:
>>>      > can you please look?
>>>
>>>      Did this work with older openssl?
>>>
>>>      Because this bug is somehow related to
>>>      https://bugs.php.net/bug.php?id=61930
>>>
>>>
>>>      Simplified reproducer:
>>>
>>>      > <?php
>>>      >
>>>      >
>>>      > $url = 'https://repo.packagist.org/packages.json';
>>>      >
>>>      > function getCertificateFingerprint($certificate)
>>>      > {
>>>      >   $publickey = openssl_get_publickey($certificate);
>>>      >   $pubkeydetails = openssl_pkey_get_details($publickey);
>>>      > }
>>>      >
>>>      > $options = array();
>>>      >
>>>      > $defaultParams = array (
>>>      >   'options' =>
>>>      >   array (
>>>      >     'ssl' =>
>>>      >     array (
>>>      >       'capture_peer_cert' => true,
>>>      >       'verify_peer' => false,
>>>      >     ),
>>>      >   ),
>>>      > );
>>>      >
>>>      > $context = stream_context_create($options, $defaultParams);
>>>      >
>>>      > if (false === $handle = @fopen($url, 'rb', false, $context)) {
>>>      >   return;
>>>      > }
>>>      >
>>>      > fclose($handle);
>>>      > $handle = null;
>>>      >
>>>      > $params = stream_context_get_params($context);
>>>      >
>>>      >
>>> getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>>>
>>>
>>>      >
>>>      >
>>>      > On 12/11/18 12:53 PM, Elan Ruusamäe wrote:
>>>      >>
>>>      >> $ docker run --privileged --rm -it
>>>      registry.gitlab.com/pld-linux/pld
>>>      <http://registry.gitlab.com/pld-linux/pld> sh
>>>      >>
>>>      >> [@42300ff78c63 /]# poldek -u --noask composer gdb 
>>> --ignore=*php4*
>>>      >> --ignore=*php52*
>>>      >>
>>>      >> [@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo
>>>      >> openssl-debuginfo
>>>      >>
>>>      >> [@42300ff78c63 /]# cd /tmp
>>>      >>
>>>      >> [@42300ff78c63 /tmp]# echo '{}' > composer.json
>>>      >>
>>>      >>
>>>      >> [@42300ff78c63 /tmp]# composer install
>>>      >> Do not run Composer as root/super user! See
>>>      >> https://getcomposer.org/root for details
>>>      >> Loading composer repositories with package information
>>>      >> Segmentation fault
>>>      >>
>>>      >> [@42300ff78c63 /tmp]# composer config -g -- disable-tls true
>>>      >> Do not run Composer as root/super user! See
>>>      >> https://getcomposer.org/root for details
>>>      >> [@42300ff78c63 /tmp]# composer install
>>>      >> You are running Composer with SSL/TLS protection disabled.
>>>      >> Do not run Composer as root/super user! See
>>>      >> https://getcomposer.org/root for details
>>>      >> Loading composer repositories with package information
>>>      >> Updating dependencies (including require-dev)
>>>      >> Nothing to install or update
>>>      >> Generating autoload files
>>>      >> [@42300ff78c63 /tmp]#
>>>      >>
>>>      >> [@236200a329d5 r]# rpm -q php53-common openssl
>>>      >> php53-common-5.3.29-43.x86_64
>>>      >> openssl-1.1.1a-1.x86_64
>>>      >> [@236200a329d5 r]#
>>>      >>
>>>      >>
>>>      >>
>>>      >>
>>>      >> [@42300ff78c63 /tmp]# composer config -g -- disable-tls false
>>>      >> You are running Composer with SSL/TLS protection disabled.
>>>      >> Do not run Composer as root/super user! See
>>>      >> https://getcomposer.org/root for details
>>>      >> [@42300ff78c63 /tmp]# gdb --args php /usr/bin/composer install
>>>      >> GNU gdb (GDB) 8.2-2 (PLD Linux)
>>>      >> Copyright (C) 2018 Free Software Foundation, Inc.
>>>      >> License GPLv3+: GNU GPL version 3 or later
>>>      >> <http://gnu.org/licenses/gpl.html>
>>>      >> This is free software: you are free to change and 
>>> redistribute it.
>>>      >> There is NO WARRANTY, to the extent permitted by law.
>>>      >> Type "show copying" and "show warranty" for details.
>>>      >> This GDB was configured as "x86_64-pld-linux".
>>>      >> Type "show configuration" for configuration details.
>>>      >> For bug reporting instructions, please see:
>>>      >> <http://www.gnu.org/software/gdb/bugs/>.
>>>      >> Find the GDB manual and other documentation resources online 
>>> at:
>>>      >> <http://www.gnu.org/software/gdb/documentation/>.
>>>      >>
>>>      >> For help, type "help".
>>>      >> Type "apropos word" to search for commands related to "word"...
>>>      >> Reading symbols from php...Reading symbols from
>>>      >> /usr/lib/debug/usr/bin/php53.debug...done.
>>>      >> done.
>>>      >> (gdb) r
>>>      >> Starting program: /usr/bin/php /usr/bin/composer install
>>>      >> [Thread debugging using libthread_db enabled]
>>>      >> Using host libthread_db library "/lib64/libthread_db.so.1".
>>>      >> [Detaching after fork from child process 333]
>>>      >> [Detaching after fork from child process 334]
>>>      >> [Detaching after fork from child process 335]
>>>      >> [Detaching after fork from child process 336]
>>>      >> [Detaching after fork from child process 337]
>>>      >> [Detaching after fork from child process 338]
>>>      >> [Detaching after fork from child process 339]
>>>      >> Do not run Composer as root/super user! See
>>>      >> https://getcomposer.org/root for details
>>>      >> [Detaching after fork from child process 340]
>>>      >> Loading composer repositories with package information
>>>      >>
>>>      >> Program received signal SIGSEGV, Segmentation fault.
>>>      >> 0x00007ffff7e66731 in _zval_ptr_dtor 
>>> (zval_ptr=0x7ffff6853f9000) at
>>>      >> /usr/src/debug/php-5.3.29/Zend/zend_execute_API.c:434
>>>      >> 434        zval *zv = *zval_ptr;
>>>      >> (gdb) bt
>>>      >> #0  0x00007ffff7e66731 in _zval_ptr_dtor 
>>> (zval_ptr=0x7ffff6853f9000)
>>>      >> at /usr/src/debug/php-5.3.29/Zend/zend_execute_API.c:434
>>>      >> #1  0x00007ffff7ec0f85 in zend_leave_helper_SPEC
>>>      >> (execute_data=execute_data at entry=0x7ffff6853eb0) at
>>>      >> /usr/src/debug/php-5.3.29/Zend/zend_vm_execute.h:160
>>>      >> #2  0x00007ffff7ec148a in ZEND_RETURN_SPEC_VAR_HANDLER
>>>      >> (execute_data=0x7ffff6853eb0) at
>>>      >> /usr/src/debug/php-5.3.29/Zend/zend_vm_execute.h:8255
>>>      >> #3  0x00007ffff7e99e61 in execute (op_array=0x131dec8) at
>>>      >> /usr/src/debug/php-5.3.29/Zend/zend_vm_execute.h:107
>>>      >> #4  0x00007ffff7e76597 in zend_execute_scripts 
>>> (type=type at entry=8,
>>>      >> retval=retval at entry=0x0, file_count=file_count at entry=3) at
>>>      >> /usr/src/debug/php-5.3.29/Zend/zend.c:1259
>>>      >> #5  0x00007ffff7e23d38 in php_execute_script
>>>      >> (primary_file=primary_file at entry=0x7fffffffd090) at
>>>      >> /usr/src/debug/php-5.3.29/main/main.c:2316
>>>      >> #6  0x0000000000404939 in main (argc=3, argv=0x7fffffffe458) at
>>>      >> /usr/src/debug/php-5.3.29/sapi/cli/php_cli.c:1189
>>>      >> (gdb)
>
-- 
glen

More information about the pld-devel-en mailing list