PHP :: Bug #53136 :: Invalid read on openssl_csr

PHP :: Bug #53136 :: Invalid read on openssl_csr_new()

Bug #53136	Invalid read on openssl_csr_new()
Submitted:	2010-10-22 11:32 UTC	Modified:	2010-11-13 00:34 UTC
From:	filowie at list dot ru	Assigned:	felipe (profile)
Status:	Closed	Package:	OpenSSL related
PHP Version:	5.3	OS:	Windows XP SP2 (x86)
Private report:	No	CVE-ID:	None

[2010-10-22 11:32 UTC] filowie at list dot ru

Description:
------------
Apache version: 2.2.15 (Win32) with OpenSSL/0.9.8m
Screenshot: http://cs4536.vk.com/u508862/115691740/y_1a9b38e5.jpg

Test script:
---------------
$ea = array(X509_PURPOSE_CRL_SIGN); // reason
openssl_csr_new(array('commonName' => 'localhost'), openssl_pkey_new(), null, $ea);

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2010-11-12 09:46 UTC] filowie at list dot ru

-Summary: Unexpected Apache termination +Summary: Ошибка доступа к памяти в Apache

[2010-11-12 09:46 UTC] filowie at list dot ru

[2010-11-12 23:41 UTC] felipe@php.net

-Summary: Ошибка доступа к памяти в Apache +Summary: Unexpected Apache termination

[2010-11-13 00:33 UTC] felipe@php.net

-Summary: Unexpected Apache termination +Summary: Invalid read on openssl_csr_new()

[2010-11-13 00:34 UTC] felipe@php.net

-Status: Open +Status: Closed -PHP Version: 5.2.14 +PHP Version: 5.3 -Assigned To: +Assigned To: felipe

[2010-11-13 00:34 UTC] felipe@php.net

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Are you using 5.3.x, right?