This standalone self-contained test script segfaults on Centos 6.2 for me with PHP 5.4:

https://gist.github.com/anonymous/5289189

The Valgrind output is:

https://gist.github.com/anonymous/5289189

So it is as if SSL_CTX_use_certificate_chain_file() is calling ASN1_item_free() on something that it needs later.

On Debian, FreeBSD and Ubuntu, I don't get a crash and the script works, but Valgrind still complains at least on Ubuntu with:

==12085==  Uninitialised value was created by a stack allocation
==12085==    at 0x7B54530: ASN1_STRING_to_UTF8 (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)

And it was accessed from:

==12085== Conditional jump or move depends on uninitialised value(s)
==12085==    at 0x7B657AB: ASN1_STRING_set (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B5349C: ASN1_mbstring_ncopy (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B536C3: ASN1_mbstring_copy (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B54584: ASN1_STRING_to_UTF8 (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B559A2: ??? (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B55F06: ??? (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B5C442: ASN1_item_ex_d2i (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B5CFFF: ??? (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B5D247: ??? (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B5CAB0: ASN1_item_ex_d2i (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B5CFFF: ??? (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B5D247: ??? (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B5CAB0: ASN1_item_ex_d2i (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B5D3D3: ASN1_item_d2i (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B561E5: d2i_X509_AUX (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7B6BD07: PEM_ASN1_read_bio (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==12085==    by 0x7842771: SSL_CTX_use_certificate_chain_file (in /lib/x86_64-linux-gnu/libssl.so.1.0.0)
==12085==    by 0x47AE6B: php_SSL_new_from_context (openssl.c:4552)

This same problem appears across PHP 5.3, 5.4 and 5.5 with different openssl library versions, so I think we are calling the openssl incorrectly somehow there. Somehow related to a realloc during UTF8 conversion deep in the library perhaps?

Does anyone see what we might have gotten wrong in this function?

http://lxr.php.net/xref/PHP_5_4/ext/openssl/openssl.c#4492

-Rasmus

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php