Last active
July 21, 2020 23:19
-
-
Save nikita-kun/88b80583a4d12230910040cf2cd3031d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
function fastLeakage(){ | |
$cert = "-----BEGIN CERTIFICATE----- | |
MIIE4jCCAsqgAwIBAgIHBZCisfbbfTANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQG | |
EwJHQjEPMA0GA1UECAwGTG9uZG9uMRcwFQYDVQQKDA5Hb29nbGUgVUsgTHRkLjEh | |
MB8GA1UECwwYQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5MSMwIQYDVQQDDBpNZXJn | |
ZSBEZWxheSBJbnRlcm1lZGlhdGUgMTAeFw0xOTA4MjExNjAyMDhaFw0yMjEwMTMw | |
NTQ0MjdaMHUxCzAJBgNVBAYTAkdCMQ8wDQYDVQQHDAZMb25kb24xOjA4BgNVBAoM | |
MUdvb2dsZSBDZXJ0aWZpY2F0ZSBUcmFuc3BhcmVuY3kgKFByZWNlcnQgU2lnbmlu | |
ZykxGTAXBgNVBAUTEDE1NjY0MDMzMjg0MDAyNTMwggEiMA0GCSqGSIb3DQEBAQUA | |
A4IBDwAwggEKAoIBAQDdr1pIlcp/wH42Yb/kxiyx06DKKUO3vZj1Zx7W0kGOPlfP | |
KroFcSLbCxnrzm1iENVbflBcbeGY1hF3c5cDxs/6bh88Y/5gA1rhP0q1c02Y9yPN | |
Yo+pi6vfJK41CwsMHTie0U01Ghynzy/683+5tpigp2MccsrPFi5Sk7WMgR78Y6dt | |
oEH9KZtdbuBlUzyEjnDzR5F7UB3YtrYVOKeYlsYEDmgLZKSMtP9M7/XIc8kUqT1L | |
VDcB/kk46plGV0b93P+HSPdQcqAUIoqa/zmDnR8XZZGShg1OyJPhB75xCahMr6wL | |
aXyEFtOwgjDnUZIb5DgpUVwHBq4Xw3QYYmtjk7eVAgMBAAGjbTBrMBgGA1UdJQEB | |
/wQOMAwGCisGAQQB1nkCBAQwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTp | |
PAThgC/ChBMtJnCe8v0az6r+xjAdBgNVHQ4EFgQUq3H778kIPz+bmq6to3MFNtGz | |
qeQwDQYJKoZIhvcNAQEFBQADggIBACYc4ubDw8J7g+AYIS42K2RH/AZ5pf9KAZ+C | |
OyFkZ5/LV3gNn1CAKFDOyjrGNA6r2yyHZ8TqyKguZqpFLVf1Vn7ll8u38hp7mBFO | |
/bZGnCdZTtW8Ae8zNQXuFbXoItCk6unGPQsp7/5mHD8nsrqO512zEHuPA+b3v/ZR | |
tSwkaJZM3W4LhHWiplEoA0F9CCnBKB1W00LDMZTLa4CRdGJlrjwchG0No+ItGrXZ | |
cc+wLMic6UZ1QrXcvo9efj6/bjLHTee39u4SlIcuL20x97993HZyqP5ZSi+QkKfr | |
Af441uJNHOFmoClCo6Wb2quNn6F6GvhYxkYcy/CgVP+VOfUBPIF8Ta2KrcI46fAL | |
Qq6d/SK0GtjlRZME8h48tocBCGvtcZwmZnOQDLd3M51rmfXKB/6y70PjJqiX9ExR | |
CJzpfafv1OaOqtWre6UofQsEx+jP+P7iGqQo+W9XrufnE7IDso+Za98G5cUIj61a | |
U6sTKt8w+Ovkxr3UyC/QHdYYJ7nYQfrJ2ml9aAzs1ZlNS8YS0XXpzmpaZhSuhbfM | |
F6F0Drg3+os4hVFiimUOjspZ4Su2EpsG86hdqJ/HHxTPPfgVlbBP0mexaRco3KVv | |
pgJ4B+Hh5oOOh9TkR+D3ZKzjc6G2+4nhflYjI AD7B080Jshk6TcII1twXD9qBkvm | |
9J3nrHWc | |
-----END CERTIFICATE-----"; | |
$memUsed = 0; | |
while (1){ | |
$read = openssl_x509_read($cert); //does not leak | |
$parsed = openssl_x509_parse($read); //does not leak | |
$key = openssl_pkey_get_public($read); //leaks | |
openssl_pkey_free($key); //does not free everything | |
//openssl_free_key($key); //does not free everything | |
//unset($key); //does not help | |
//$key = null //same here | |
if ($memUsed < memory_get_usage(true)){ | |
$memUsed = memory_get_usage(true); | |
echo "Memory usage, real: ". memory_get_usage(true) ."\n"; | |
} | |
} | |
} | |
phpinfo(); | |
//running in a CLI mode | |
fastLeakage(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
PHP Version => 7.1.23
System => Darwin WORKGROUP 18.7.0 Darwin Kernel Version 18.7.0: Tue Aug 20 16:57:14 PDT 2019; root:xnu-4903.271.2~2/RELEASE_X86_64 x86_64
Build Date => Feb 22 2019 22:18:47
OpenSSL support => enabled
OpenSSL Library Version => LibreSSL 2.2.7
OpenSSL Header Version => LibreSSL 2.6.5
Openssl default config => /private/etc/ssl/openssl.cnf