From: iblue at gmx dot net
Operating system: Linux 2.6.14-iblue0
PHP version: 5.1.1
PHP Bug Type: Reproducible crash
Bug description: Segfault in mcrypt_generic()
Description:
------------
php segfaults when executing the reproduce code.
Reproduce code:
---------------
<?php
$x = "foobar";
$td = mcrypt_module_open('rijndael-256', '', 'ofb', '');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
$ks = mcrypt_enc_get_key_size($td);
$key = md5("foobar");
$encrypted = mcrypt_generic($td, $x);
?>
Expected result:
----------------
No output and a clean exit.
Actual result:
--------------
(gdb) run -q bug.php
Starting program: /home/iblue/src/php-5.1.1/sapi/cli/php -q bug.php
[Thread debugging using libthread_db enabled]
[New Thread -1214781760 (LWP 17768)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1214781760 (LWP 17768)]
0xb7f22b70 in mcrypt_mutex_register () from /usr/lib/libmcrypt.so.4
(gdb) bt
#0 0xb7f22b70 in mcrypt_mutex_register () from /usr/lib/libmcrypt.so.4
#1 0xb7f20203 in mcrypt_enc_get_algorithms_name () from
/usr/lib/libmcrypt.so.4
#2 0xb7f1f197 in mcrypt_generic () from /usr/lib/libmcrypt.so.4
#3 0x080ec88b in zif_mcrypt_generic (ht=2, return_value=0x84f17bc,
return_value_ptr=0x0, this_ptr=0x0,
return_value_used=1, tsrm_ls=0x83ed018) at
/home/iblue/src/php-5.1.1/ext/mcrypt/mcrypt.c:489
#4 0x0825d2cd in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfacdc48, tsrm_ls=0x83ed018)
at /home/iblue/src/php-5.1.1/Zend/zend_vm_execute.h:188
#5 0x082630bf in ZEND_DO_FCALL_SPEC_CONST_HANDLER
(execute_data=0xbfacdc48, tsrm_ls=0x83ed018)
at /home/iblue/src/php-5.1.1/Zend/zend_vm_execute.h:1578
#6 0x0825cbfc in execute (op_array=0x84fc0ac, tsrm_ls=0x83ed018) at
/home/iblue/src/php-5.1.1/Zend/zend_vm_execute.h:88
#7 0x08238816 in zend_execute_scripts (type=8, tsrm_ls=0x83ed018, retval=0x0,
file_count=3)
at /home/iblue/src/php-5.1.1/Zend/zend.c:1090
#8 0x081fc32b in php_execute_script (primary_file=0xbfacffe4,
tsrm_ls=0x83ed018)
at /home/iblue/src/php-5.1.1/main/main.c:1704
#9 0x082e26ca in main (argc=3, argv=0xbfad0084) at
/home/iblue/src/php-5.1.1/sapi/cli/php_cli.c:1039
--
Edit bug report at http://bugs.php.net/?id=35496&edit=1