1

[alpine-aports] [PATCH] testing/php7: Make php7 to use it's own crypt_r implementation insteard of system one

Valery Kartel
Details
Message ID
<1458816588-14042-1-git-send-email-valery.kartel@gmail.com>
Sender timestamp
1458816588
DKIM signature
missing
Download raw message
Patch: +19 -4
---
Subject: PHP7 password_hash() crashes under Alpine Linux
From: Andy Pfeiffer <apfeiffer.dresden@googlemail.com>
Date: 24/03/2016 09:17 (EET)

Hi Valery,
sorry to contact you directly, but I don't have an account with Alpine Linux Development neither I'm going to create one.
Issue is regarding PHP7 package using the following docker file:

FROM alpine

MAINTAINER xxxxx <xxxx.xxxxx@gmail.com>

ENV PHP_VER "7"

RUN apk update && \
    apk upgrade && \
    apk --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing add \
    nano \
    readline \
    php${PHP_VER} \
    php${PHP_VER}-common \.
    php${PHP_VER}-fpm

RUN echo "<?php echo password_hash(\"rasmuslerdorf\", PASSWORD_DEFAULT).\"\n\"; ?>" >> /pw_hash.php

CMD ["/usr/bin/php7", "/pw_hash.php"]

The output of the docker run command is:

PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted (tried to allocate 8298485945901002016 bytes) in /pw_hash.php on line 1

Using the PHP5 packages will give the (correct) result:

$2y$10$de7p/1q2Xx/EyDpOp6ZBUOjf9gIqtrMR.r3Anh9B2lVCaJWPZSFs.

If you can confirm the issue, please open a bug report.

Thanks for supporting the community!
With best regards,
Andy

btw: Would it be possible to create PHP7 packages for armhf (raspberry, bananapi, ...) too?
---
 testing/php7/APKBUILD                   | 12 ++++++++----
 testing/php7/use-internal-crypt_r.patch | 11 +++++++++++
 2 files changed, 19 insertions(+), 4 deletions(-)
 create mode 100644 testing/php7/use-internal-crypt_r.patch

diff --git a/testing/php7/APKBUILD b/testing/php7/APKBUILD
index 8a56b5d..70a6c66 100644
--- a/testing/php7/APKBUILD
+++ b/testing/php7/APKBUILD
@@ -3,7 +3,7 @@
 pkgname=php7
 _pkgreal=php
 pkgver=7.0.4
-pkgrel=0
+pkgrel=1
 pkgdesc="The PHP language runtime engine - 7th branch"
 url="http://www.php.net/"
 arch="x86_64 armhf"
@@ -86,6 +86,7 @@ source="http://php.net/distributions/$_pkgreal-$pkgver.tar.bz2
 	tidy-buffio.patch
 	includedir.patch
 	pid_log.patch
+	use-internal-crypt_r.patch
 	"
 
 _apiver="20151012"
@@ -404,7 +405,8 @@ a340f27e83ed4482d2fbb98658ef71cb  php7-fpm.initd
 483bc0a85c50a9a9aedbe14a19ed4526  install-pear.patch
 66f0037a029f9eed2b31d2e1d50f1860  tidy-buffio.patch
 d872e633c9b33c3c9f629dd2edd2e5c5  includedir.patch
-6ba762ab7a105163b8e5b3913deae109  pid_log.patch"
+6ba762ab7a105163b8e5b3913deae109  pid_log.patch
+523fdc923d8c6eaeab7db144792b9572  use-internal-crypt_r.patch"
 sha256sums="a246c503709c189ba8e1e22ed2cb22abc27da43a997ff1b3318e181baf529dcc  php-7.0.4.tar.bz2
 eca59e8b0498c1c93b35f9a5109ae56d0cda9d94822727d689371ccad31b3615  php7-fpm.initd
 6e4406f21b69085714cdb9d9a67c08e27a1c737ab353f9813cb2fc268352d2c6  php7-fpm.logrotate
@@ -412,7 +414,8 @@ eca59e8b0498c1c93b35f9a5109ae56d0cda9d94822727d689371ccad31b3615  php7-fpm.initd
 f739ca427a1dd53a388bad0823565299c5d4a5796b1171b892884e4d7d099bab  install-pear.patch
 5dc8f32e5e2b1cd6317ada5a5adb9b5f0802ed6e0dbe065d7bfcc0f55d47e0d5  tidy-buffio.patch
 ea74966a23b1b54548ee35e9ccc2fc8d2b7c2285c385c44d6b23d9e2f25ea1a7  includedir.patch
-0cca8729c64682387a8c44ed74f0966da697f2817152d8d05bb25bedc7eaafec  pid_log.patch"
+0cca8729c64682387a8c44ed74f0966da697f2817152d8d05bb25bedc7eaafec  pid_log.patch
+0137c36b9695734cfcab55f0cf515747a9de60306e73a0cd590c3534806dc0a9  use-internal-crypt_r.patch"
 sha512sums="9d1dc761cdd9103a91299e01117c1790550e3b94e7694dcc2555d83e5abe3d2170acd6226e8501c5f2a77b5c374b1c9f5ea009999d476818c2682a54def86b96  php-7.0.4.tar.bz2
 89076ab8e170a8f886b88bb30aa3e6a6b4463155a18ea53485cc9e3898c81afa3d01fb8403d28a45dc1680f09c645c2d81d8272bc8b9c7ced41e59b0ba226216  php7-fpm.initd
 cacce7bf789467ff40647b7319e3760c6c587218720538516e8d400baa75651f72165c4e28056cd0c1dc89efecb4d00d0d7823bed80b29136262c825ce816691  php7-fpm.logrotate
@@ -420,4 +423,5 @@ fbf9a1572d37370ec0d126502e1d066e045a992484d8fc4f1e2ede330134c1a15f4029f29fa4daeb
 f1177cbf6b1f44402f421c3d317aab1a2a40d0b1209c11519c1158df337c8945f3a313d689c939768584f3e4edbe52e8bd6103fb6777462326a9d94e8ab1f505  install-pear.patch
 6894c9cba7752a3406e774d9efc0e058c37433493c1c20101e9563bf247c112157a67e306b06b9517b0422eca521f543d637a6cbd2cea7639e43f13d773b3d2b  tidy-buffio.patch
 199aecdbd3b4035aabf5379c215f82412d3c98b79a1ee186944e7fe1f0ed6f40789ea30e2355149491de6be34fc66c5e486e2a79a7e41ab2ae18706ef3ffe79b  includedir.patch
-82231c7b27b4d044272857dc713674884715ed8e36e54be06faa5d2a949ba4bca597628958a9c5683ec51c36e05a00f6be811c7e95112b0314c98528f584a8d6  pid_log.patch"
+82231c7b27b4d044272857dc713674884715ed8e36e54be06faa5d2a949ba4bca597628958a9c5683ec51c36e05a00f6be811c7e95112b0314c98528f584a8d6  pid_log.patch
+6bba68cda5e02d5ada974464923d245d73bc1cb08d051620f74a27a2ef93997dd26e905ea19d8d7eeb62f5071ec24ef6e63618c10fe83dbeeba853d70b05b93e  use-internal-crypt_r.patch"
diff --git a/testing/php7/use-internal-crypt_r.patch b/testing/php7/use-internal-crypt_r.patch
new file mode 100644
index 0000000..aafb48d
--- /dev/null
+++ b/testing/php7/use-internal-crypt_r.patch
@@ -0,0 +1,11 @@
+--- a/configure.in
+@@ -766,7 +766,7 @@
+ PHP_READDIR_R_TYPE
+ PHP_CHECK_IN_ADDR_T
+ 
+-AC_CHECK_FUNCS(crypt_r, [ php_crypt_r="1" ], [ php_crypt_r="0" ])
++AC_CHECK_FUNCS(crypt_r, [ php_crypt_r="0" ], [ php_crypt_r="0" ])
+ if test "x$php_crypt_r" = "x1"; then
+   PHP_CRYPT_R_STYLE
+ fi
-- 
2.7.4



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Timo Teras
Details
Message ID
<20160325082937.27dea944@vostro.util.wtbts.net>
In-Reply-To
<1458816588-14042-1-git-send-email-valery.kartel@gmail.com> (view parent)
Sender timestamp
1458887377
DKIM signature
missing
Download raw message
On Thu, 24 Mar 2016 12:49:48 +0200
Valery Kartel <valery.kartel@gmail.com> wrote:

> Subject: PHP7 password_hash() crashes under Alpine Linux
> From: Andy Pfeiffer <apfeiffer.dresden@googlemail.com>
> Date: 24/03/2016 09:17 (EET)
> 
> Hi Valery,
> sorry to contact you directly, but I don't have an account with
> Alpine Linux Development neither I'm going to create one. Issue is
> regarding PHP7 package using the following docker file:
> 
> FROM alpine
> 
> MAINTAINER xxxxx <xxxx.xxxxx@gmail.com>
> 
> ENV PHP_VER "7"
> 
> RUN apk update && \
>     apk upgrade && \
>     apk --no-cache --repository
> http://dl-cdn.alpinelinux.org/alpine/edge/testing add \ nano \
>     readline \
>     php${PHP_VER} \
>     php${PHP_VER}-common \.
>     php${PHP_VER}-fpm
> 
> RUN echo "<?php echo password_hash(\"rasmuslerdorf\",
> PASSWORD_DEFAULT).\"\n\"; ?>" >> /pw_hash.php
> 
> CMD ["/usr/bin/php7", "/pw_hash.php"]
> 
> The output of the docker run command is:
> 
> PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted
> (tried to allocate 8298485945901002016 bytes) in /pw_hash.php on line
> 1
> 
> Using the PHP5 packages will give the (correct) result:
> 
> $2y$10$de7p/1q2Xx/EyDpOp6ZBUOjf9gIqtrMR.r3Anh9B2lVCaJWPZSFs.
> 
> If you can confirm the issue, please open a bug report.
> 
> Thanks for supporting the community!
> With best regards,
> Andy
> 
> btw: Would it be possible to create PHP7 packages for armhf
> (raspberry, bananapi, ...) too? ---
>  testing/php7/APKBUILD                   | 12 ++++++++----
>  testing/php7/use-internal-crypt_r.patch | 11 +++++++++++
>  2 files changed, 19 insertions(+), 4 deletions(-)
>  create mode 100644 testing/php7/use-internal-crypt_r.patch
> 
> diff --git a/testing/php7/APKBUILD b/testing/php7/APKBUILD
> index 8a56b5d..70a6c66 100644
> --- a/testing/php7/APKBUILD
> +++ b/testing/php7/APKBUILD
> @@ -3,7 +3,7 @@
>  pkgname=php7
>  _pkgreal=php
>  pkgver=7.0.4
> -pkgrel=0
> +pkgrel=1
>  pkgdesc="The PHP language runtime engine - 7th branch"
>  url="http://www.php.net/"
>  arch="x86_64 armhf"
> @@ -86,6 +86,7 @@
> source="http://php.net/distributions/$_pkgreal-$pkgver.tar.bz2
> tidy-buffio.patch includedir.patch
>  	pid_log.patch
> +	use-internal-crypt_r.patch
>  	"
>  
>  _apiver="20151012"
> a/testing/php7/use-internal-crypt_r.patch
> b/testing/php7/use-internal-crypt_r.patch new file mode 100644 index
> 0000000..aafb48d --- /dev/null +++
> b/testing/php7/use-internal-crypt_r.patch @@ -0,0 +1,11 @@ +---
> a/configure.in ++++ b/configure.in +@@ -766,7 +766,7 @@
> + PHP_READDIR_R_TYPE
> + PHP_CHECK_IN_ADDR_T
> + 
> +-AC_CHECK_FUNCS(crypt_r, [ php_crypt_r="1" ], [ php_crypt_r="0" ])
> ++AC_CHECK_FUNCS(crypt_r, [ php_crypt_r="0" ], [ php_crypt_r="0" ])
> + if test "x$php_crypt_r" = "x1"; then
> +   PHP_CRYPT_R_STYLE
> + fi


I'd rather not break the configure script. Either remove the test, and
unconditionally define php_crypt_r=0; or preferable fix the underlying
cause.

In fact, in the main/php package we patch php to fix the crypt issue. I
can look at fixing it.


---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---