Bug 79617

Summary: lang/php4: curl + https with sysv* extension segfaults
Product: Ports & Packages Reporter: Toni Viemerö <toni.viemero>
Component: Individual Port(s)Assignee: Alex Dupre <ale>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description Toni Viemerö 2005-04-07 08:30:07 UTC 
Using PHP4 from shell to fetch information with curl/https segfaults

Fix: 

Disable sysv* extensions:
;extension=sysvshm.so
;extension=sysvsem.so
;extension=sysvmsg.so
How-To-Repeat: 
foo.php:
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.thawte.com/');
curl_exec($ch);
curl_close($ch);
?>

toni@shaolin:~> php foo.php
Segmentation fault (core dumped)
Comment 1 Volker Stolz freebsd_committer freebsd_triage 2005-04-07 16:19:17 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->ale

Over to maintainer
Comment 2 Vasil Dimov 2005-04-07 17:46:08 UTC 
On Thu, Apr 07, 2005 at 10:29:55AM +0300, Toni Viemero wrote:
...
> System: FreeBSD shaolin.selfdestruct.net 4.11-RELEASE FreeBSD 4.11-RELEASE #4: Fri Jan 21 21:24:11 EET 2005 root@shaolin.selfdestruct.net:/usr/obj/usr/src/sys/SHAOLIN i386
> 
> toni@shaolin:~> curl --version
> curl 7.13.1 (i386-portbld-freebsd4.11) libcurl/7.13.1 OpenSSL/0.9.7d zlib/1.1.4
> 
> toni@shaolin:~> php -v
> PHP 4.3.11 (cli) (built: Apr  5 2005 21:28:26)

...
> >How-To-Repeat:
> 
> foo.php:
> <?php
> $ch = curl_init();
> curl_setopt($ch, CURLOPT_URL, 'https://www.thawte.com/');
> curl_exec($ch);
> curl_close($ch);
> ?>
> 
> toni@shaolin:~> php foo.php
> Segmentation fault (core dumped)


The above foo.php works fine (displays thawte's web-site on stdout) on
this system:

$ uname -a
FreeBSD sinanica.bg.datamax 5.4-PRERELEASE FreeBSD 5.4-PRERELEASE #4: Fri Apr  1 12:12:53 EEST 2005    root@sinanica.bg.datamax:/usr/obj/usr/src/sys/SINANICA-SMP  i386

$ curl --version
curl 7.13.1 (i386-portbld-freebsd5.3) libcurl/7.13.1 OpenSSL/0.9.7e zlib/1.2.1

$ php -v
PHP 4.3.11 (cli) (built: Apr  7 2005 19:28:54) (DEBUG)

Can you try the following command and send the output:

$ gdb /usr/local/bin/php php.core
(gdb) bt

php.core should have left in the current directory after the crash,
also it will be more useful if you recompile php with debug option
turned on.
Comment 3 Toni Viemerö 2005-04-07 17:54:21 UTC 
Vasil Dimov wrote:

> Can you try the following command and send the output:
> 
> $ gdb /usr/local/bin/php php.core
> (gdb) bt

GDB backtrace can be found here:
http://selfdestruct.net/misc/gdb-pr-79617.txt

-- 
Toni Viemerö  |  http://selfdestruct.net/
"Don't do anything by half. If you love someone, love them. If you
 hate someone, hate them until it hurts."
Comment 4 Vasil Dimov 2005-04-08 06:54:18 UTC 
On Thu, Apr 07, 2005 at 07:54:21PM +0300, Toni Viemero wrote:
> Vasil Dimov wrote:
> 
> > Can you try the following command and send the output:
> > 
> > $ gdb /usr/local/bin/php php.core
> > (gdb) bt
> 
> GDB backtrace can be found here:
> http://selfdestruct.net/misc/gdb-pr-79617.txt
> 


Looks like an openssl issue or curl incorrectly calling openssl.

Can you try to install openssl-0.9.7f from security/openssl in the
ports and link libcurl and php against it? It whoud be a matter of

/usr/ports/ftp/curl# make WITH_OPENSSL_PORT=yes install clean

(this sould install openssl from ports if it is not already installed
and link libcurl with it)

Also it would be great if you add debugging symbols to all those
progs and libs (for example add CFLAGS=-g to /etc/make.conf).
It will help to get more detailed backtrace in case the crash
occurs again.

Sorry, but I cannot do much without being able to reproduce the problem.
Comment 5 Toni Viemerö 2005-04-08 09:34:08 UTC 
Vasil Dimov wrote:

> Can you try to install openssl-0.9.7f from security/openssl in the
> ports and link libcurl and php against it? It whoud be a matter of

The foo.php script runs fine with curl / php4-curl built against openssl
from ports.
I'll try rebuilding system with debug symbols to get better trace.

-- 
Toni Viemerö  |  http://selfdestruct.net/
"Don't do anything by half. If you love someone, love them. If you
 hate someone, hate them until it hurts."
Comment 6 Toni Viemerö 2005-04-08 10:48:28 UTC 
Vasil Dimov wrote:

> Also it would be great if you add debugging symbols to all those
> progs and libs (for example add CFLAGS=-g to /etc/make.conf).
> It will help to get more detailed backtrace in case the crash
> occurs again.

Moving "extension=curl.so" into end of extensions.ini fixed the problem.
If curl.so is before snmp.so, it segfaults. If there's only curl.so and
snmp.so in extensions.ini, it works both ways.
Very strange :)

I did build/installworld with CFLAGS=-g and rebuilt curl/php4-curl using
base openssl.

Here's a backtrace
http://selfdestruct.net/misc/gdb-pr-79617-2.txt

-- 
Toni Viemerö  |  http://selfdestruct.net/
"Don't do anything by half. If you love someone, love them. If you
 hate someone, hate them until it hurts."
Comment 7 Vasil Dimov 2005-04-19 10:58:26 UTC 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Finally I resolved the problem.

It seems that there is a bug in OpenSSL, causing this crash.

I have submitted it to the openssl developers mailing list at:
http://marc.theaimsgroup.com/?l=openssl-dev&m=111383480516715&w=2
and also to the GNATS system where it can be found at:
http://www.FreeBSD.org/cgi/query-pr.cgi?pr=80074

But it does not seem to me that it will be committed soon.
Maybe we should just sit and wait to see what will happen.
-----BEGIN PGP SIGNATURE-----

iD8DBQFCZNZCFw6SP/bBpCARAicrAKDGAgij/MdPLMpPnQo1XzFkrmPlwACfbwxZ
TW9rPHe4WykByqFNCKj67WA=
=jDv7
-----END PGP SIGNATURE-----
Comment 8 Alex Dupre freebsd_committer freebsd_triage 2005-04-20 10:33:15 UTC 
State Changed
From-To: open->closed

OpenSSL problem.