openssl again makes php5.3 crash

Arkadiusz Miśkiewicz arekm at maven.pl
Tue Feb 5 20:18:52 CET 2019


On 05/02/2019 17:43, glen wrote:
> friendly ping!

I wasn't able to find the cause of this. Compared ext/openssl with 5.4
(which doesn't segfault) and can't find the problem.

Even backported ext/openssl from 5.4 to 5.3 still gets me segfaulting
php 5.3.

So I think the problem is solved outside ext/openssl.

Reproducer if anyone wants to look below.

I still plan to play with this more (because I'll be doing php 5.3
upgrades here in Feb/March).

<?php

$url = 'https://repo.packagist.org/packages.json';

// Extract the public key from the captured peer certificate and read its details.
function getCertificateFingerprint($certificate)
{
  $publickey = openssl_get_publickey($certificate);
  $pubkeydetails = openssl_pkey_get_details($publickey);
}

$options = array();

// Context params: capture the peer certificate; peer verification is off.
$defaultParams = array (
  'options' =>
  array (
    'ssl' =>
    array (
      'capture_peer_cert' => true,
      'verify_peer' => false,
    ),
  ),
);

$context = stream_context_create($options, $defaultParams);

if (false === $handle = @fopen($url, 'rb', false, $context)) {
  return;
}

// Close the stream before the captured certificate is used.
fclose($handle);
$handle = null;

$params = stream_context_get_params($context);

getCertificateFingerprint($params['options']['ssl']['peer_certificate']);


> 
> On 2/1/19 4:41 PM, glen wrote:
>> (somewhy arekm wrote privately to me only).
>>
>> anyway, the rel 44 (from th-test) still fails:
>>
>> [root@2e971bacdb48 app]# echo '{}'> composer.json
>> [root@2e971bacdb48 app]# composer install; echo $?
>> Loading composer repositories with package information
>> 139
>> [root@2e971bacdb48 app]# rpm -q php53-common
>> php53-common-5.3.29-44.x86_64
>> [root@2e971bacdb48 app]#
>>
>> On 1/23/19 11:54 PM, Arkadiusz Miśkiewicz wrote:
>>> On 23/01/2019 22:00, Elan Ruusamäe wrote:
>>>> yes. it worked, with openssl 1.1 crashes
>>> php 5.4 doesn't crash.
>>>
>>> backported ext/openssl to 5.3 crashes.
>>>
>>> Fun.
>>>
>>>> On Wed, 23 Jan 2019 at 21:28, Arkadiusz Miśkiewicz <arekm at maven.pl> wrote:
>>>>
>>>>      On 21/12/2018 12:51, glen wrote:
>>>>      > can you please look?
>>>>
>>>>      Did this work with older openssl?
>>>>
>>>>      Because this bug is somehow related to
>>>>      https://bugs.php.net/bug.php?id=61930
>>>>
>>>>
>>>>      Simplified reproducer:
>>>>
>>>>      > <?php
>>>>      >
>>>>      >
>>>>      > $url = 'https://repo.packagist.org/packages.json';
>>>>      >
>>>>      > function getCertificateFingerprint($certificate)
>>>>      > {
>>>>      >   $publickey = openssl_get_publickey($certificate);
>>>>      >   $pubkeydetails = openssl_pkey_get_details($publickey);
>>>>      > }
>>>>      >
>>>>      > $options = array();
>>>>      >
>>>>      > $defaultParams = array (
>>>>      >   'options' =>
>>>>      >   array (
>>>>      >     'ssl' =>
>>>>      >     array (
>>>>      >       'capture_peer_cert' => true,
>>>>      >       'verify_peer' => false,
>>>>      >     ),
>>>>      >   ),
>>>>      > );
>>>>      >
>>>>      > $context = stream_context_create($options, $defaultParams);
>>>>      >
>>>>      > if (false === $handle = @fopen($url, 'rb', false, $context)) {
>>>>      >   return;
>>>>      > }
>>>>      >
>>>>      > fclose($handle);
>>>>      > $handle = null;
>>>>      >
>>>>      > $params = stream_context_get_params($context);
>>>>      >
>>>>      >
>>>>      > getCertificateFingerprint($params['options']['ssl']['peer_certificate']);
>>>>
>>>>
>>>>
>>>>      >
>>>>      >
>>>>      > On 12/11/18 12:53 PM, Elan Ruusamäe wrote:
>>>>      >>
>>>>      >> $ docker run --privileged --rm -it registry.gitlab.com/pld-linux/pld sh
>>>>      >>
>>>>      >> [@42300ff78c63 /]# poldek -u --noask composer gdb --ignore=*php4* --ignore=*php52*
>>>>      >>
>>>>      >> [@42300ff78c63 /]# poldek -n th-debuginfo -u php53-debuginfo openssl-debuginfo
>>>>      >>
>>>>      >> [@42300ff78c63 /]# cd /tmp
>>>>      >>
>>>>      >> [@42300ff78c63 /tmp]# echo '{}' > composer.json
>>>>      >>
>>>>      >>
>>>>      >> [@42300ff78c63 /tmp]# composer install
>>>>      >> Do not run Composer as root/super user! See https://getcomposer.org/root for details
>>>>      >> Loading composer repositories with package information
>>>>      >> Segmentation fault
>>>>      >>
>>>>      >> [@42300ff78c63 /tmp]# composer config -g -- disable-tls true
>>>>      >> Do not run Composer as root/super user! See https://getcomposer.org/root for details
>>>>      >> [@42300ff78c63 /tmp]# composer install
>>>>      >> You are running Composer with SSL/TLS protection disabled.
>>>>      >> Do not run Composer as root/super user! See https://getcomposer.org/root for details
>>>>      >> Loading composer repositories with package information
>>>>      >> Updating dependencies (including require-dev)
>>>>      >> Nothing to install or update
>>>>      >> Generating autoload files
>>>>      >> [@42300ff78c63 /tmp]#
>>>>      >>
>>>>      >> [@236200a329d5 r]# rpm -q php53-common openssl
>>>>      >> php53-common-5.3.29-43.x86_64
>>>>      >> openssl-1.1.1a-1.x86_64
>>>>      >> [@236200a329d5 r]#
>>>>      >>
>>>>      >>
>>>>      >>
>>>>      >>
>>>>      >> [@42300ff78c63 /tmp]# composer config -g -- disable-tls false
>>>>      >> You are running Composer with SSL/TLS protection disabled.
>>>>      >> Do not run Composer as root/super user! See https://getcomposer.org/root for details
>>>>      >> [@42300ff78c63 /tmp]# gdb --args php /usr/bin/composer install
>>>>      >> GNU gdb (GDB) 8.2-2 (PLD Linux)
>>>>      >> Copyright (C) 2018 Free Software Foundation, Inc.
>>>>      >> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
>>>>      >> This is free software: you are free to change and redistribute it.
>>>>      >> There is NO WARRANTY, to the extent permitted by law.
>>>>      >> Type "show copying" and "show warranty" for details.
>>>>      >> This GDB was configured as "x86_64-pld-linux".
>>>>      >> Type "show configuration" for configuration details.
>>>>      >> For bug reporting instructions, please see:
>>>>      >> <http://www.gnu.org/software/gdb/bugs/>.
>>>>      >> Find the GDB manual and other documentation resources online at:
>>>>      >> <http://www.gnu.org/software/gdb/documentation/>.
>>>>      >>
>>>>      >> For help, type "help".
>>>>      >> Type "apropos word" to search for commands related to "word"...
>>>>      >> Reading symbols from php...Reading symbols from /usr/lib/debug/usr/bin/php53.debug...done.
>>>>      >> done.
>>>>      >> (gdb) r
>>>>      >> Starting program: /usr/bin/php /usr/bin/composer install
>>>>      >> [Thread debugging using libthread_db enabled]
>>>>      >> Using host libthread_db library "/lib64/libthread_db.so.1".
>>>>      >> [Detaching after fork from child process 333]
>>>>      >> [Detaching after fork from child process 334]
>>>>      >> [Detaching after fork from child process 335]
>>>>      >> [Detaching after fork from child process 336]
>>>>      >> [Detaching after fork from child process 337]
>>>>      >> [Detaching after fork from child process 338]
>>>>      >> [Detaching after fork from child process 339]
>>>>      >> Do not run Composer as root/super user! See https://getcomposer.org/root for details
>>>>      >> [Detaching after fork from child process 340]
>>>>      >> Loading composer repositories with package information
>>>>      >>
>>>>      >> Program received signal SIGSEGV, Segmentation fault.
>>>>      >> 0x00007ffff7e66731 in _zval_ptr_dtor (zval_ptr=0x7ffff6853f9000) at /usr/src/debug/php-5.3.29/Zend/zend_execute_API.c:434
>>>>      >> 434        zval *zv = *zval_ptr;
>>>>      >> (gdb) bt
>>>>      >> #0  0x00007ffff7e66731 in _zval_ptr_dtor (zval_ptr=0x7ffff6853f9000) at /usr/src/debug/php-5.3.29/Zend/zend_execute_API.c:434
>>>>      >> #1  0x00007ffff7ec0f85 in zend_leave_helper_SPEC (execute_data=execute_data@entry=0x7ffff6853eb0) at /usr/src/debug/php-5.3.29/Zend/zend_vm_execute.h:160
>>>>      >> #2  0x00007ffff7ec148a in ZEND_RETURN_SPEC_VAR_HANDLER (execute_data=0x7ffff6853eb0) at /usr/src/debug/php-5.3.29/Zend/zend_vm_execute.h:8255
>>>>      >> #3  0x00007ffff7e99e61 in execute (op_array=0x131dec8) at /usr/src/debug/php-5.3.29/Zend/zend_vm_execute.h:107
>>>>      >> #4  0x00007ffff7e76597 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3) at /usr/src/debug/php-5.3.29/Zend/zend.c:1259
>>>>      >> #5  0x00007ffff7e23d38 in php_execute_script (primary_file=primary_file@entry=0x7fffffffd090) at /usr/src/debug/php-5.3.29/main/main.c:2316
>>>>      >> #6  0x0000000000404939 in main (argc=3, argv=0x7fffffffe458) at /usr/src/debug/php-5.3.29/sapi/cli/php_cli.c:1189
>>>>      >> (gdb)
>>


-- 
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )


More information about the pld-devel-en mailing list