-
-
Save rot13/92108533811a8ab15b5e685f24449b36 to your computer and use it in GitHub Desktop.
PHP pthread key leak demonstration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM debian:10 | |
RUN apt-get update | |
RUN apt-get install -y wget build-essential libexpat-dev libpcre3-dev libnss3-dev pkgconf gdb | |
RUN wget https://downloads.apache.org/httpd/httpd-2.4.46.tar.bz2 | |
RUN wget https://downloads.apache.org/apr/apr-1.7.0.tar.bz2 | |
RUN wget https://downloads.apache.org/apr/apr-util-1.6.1.tar.bz2 | |
RUN echo 'e2e148f0b2e99b8e5c6caa09f6d4fb4dd3e83f744aa72a952f94f5a14436f7ea *apr-1.7.0.tar.bz2' | sha256sum -c && \ | |
tar -xjf apr-1.7.0.tar.bz2 && \ | |
cd apr-1.7.0 && \ | |
./configure && \ | |
make -j$(nproc) && \ | |
make install | |
RUN echo 'd3e12f7b6ad12687572a3a39475545a072608f4ba03a6ce8a3778f607dd0035b apr-util-1.6.1.tar.bz2' | sha256sum -c && \ | |
tar -xjf apr-util-1.6.1.tar.bz2 && \ | |
cd apr-util-1.6.1 && \ | |
./configure --with-apr=/usr/local/apr && \ | |
make -j$(nproc) && \ | |
make install | |
RUN echo '740eddf6e1c641992b22359cabc66e6325868c3c5e2e3f98faf349b61ecf41ea *httpd-2.4.46.tar.bz2' | sha256sum -c && \ | |
tar -xjf httpd-2.4.46.tar.bz2 && \ | |
cd httpd-2.4.46 && \ | |
./configure --enable-so && \ | |
make -j$(nproc) && \ | |
make install | |
RUN wget https://www.php.net/distributions/php-8.0.0.tar.xz | |
RUN wget ftp://xmlsoft.org/libxml2/libxml2-2.9.10.tar.gz | |
RUN wget https://curl.se/download/curl-7.74.0.tar.xz | |
RUN echo '999d5f2c403cf6e25d58319fdd596611e455dd195208746bc6e6d197a77e878b curl-7.74.0.tar.xz' | sha256sum -c && \ | |
tar -xJf curl-7.74.0.tar.xz && \ | |
cd curl-7.74.0 && \ | |
./configure --with-nss && \ | |
make -j$(nproc) && \ | |
make install | |
RUN echo 'aafee193ffb8fe0c82d4afef6ef91972cbaf5feea100edc2f262750611b4be1f libxml2-2.9.10.tar.gz' | sha256sum -c && \ | |
tar -xzf libxml2-2.9.10.tar.gz && \ | |
cd libxml2-2.9.10 && \ | |
./configure && \ | |
make -j$(nproc) && \ | |
make install | |
RUN echo 'b5278b3eef584f0c075d15666da4e952fa3859ee509d6b0cc2ed13df13f65ebb php-8.0.0.tar.xz' | sha256sum -c && \ | |
tar -xJf php-8.0.0.tar.xz && \ | |
cd php-8.0.0 && \ | |
./configure --with-apxs2=/usr/local/apache2/bin/apxs --enable-curl --with-curl --enable-xml --with-libxml --disable-all && \ | |
make -j$(nproc) && \ | |
make install | |
RUN /usr/local/apache2/bin/apachectl -k start && \ | |
sleep 1 && \ | |
while kill -USR1 $(cat /usr/local/apache2/logs/httpd.pid); do \ | |
gdb --pid $(cat /usr/local/apache2/logs/httpd.pid) --batch -ex 'p __pthread_keys' ; \ | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment