Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: GnuPG: gcrypt

libgcrypt11 1.5.0 version segfaults with NSS/PAM LDAP (AES-NI)

 

 

GnuPG gcrypt RSS feed   Index | Next | Previous | View Threaded


ametzler at downhill

Oct 9, 2011, 7:23 AM

Post #1 of 2 (671 views)
Permalink
libgcrypt11 1.5.0 version segfaults with NSS/PAM LDAP (AES-NI)

Hello,
this is http://bugs.debian.org/643336 reported by Marc Dequènes, the
crash was not easily reproducible with gnutls-cli. The respective
system features AES-NI support.

cu andreas

--------------------------------------------
Package: libgcrypt11
Version: 1.5.0-3
Severity: important


Coin,

I'm using:
- libgnutls26 2.12.10-2
- libldap-2.4-2 2.4.25-3
- libnss-ldap 264-2.2

After an upgrade a mere "id <user>" lead to the following segfault:
#0 0xb72011cd in do_aesni_enc_aligned (
a=0xb723a1b8 "\001K\257\"x\246\235\063\035Q\200\020\066C\351\232gC\303\321Q\232\264\362͚x\253\t\245\021\275]\036\362\r\316ּ\274\022\023\032\307\305G\210\252\b\016\225\027\353\026wq\232\317r\200\206\004",
<incomplete sequence \343>, b=0xbfb28ad8
"(\335%\267p\213\262\277\004{\343\t", ctx=0xbfb288e8) at
rijndael.c:710
#1 do_aesni (ctx=0xbfb288e8, decrypt_flag=0, bx=0xbfb28ad8
"(\335%\267p\213\262\277\004{\343\t",
ax=0xb723a1b8 "\001K\257\"x\246\235\063\035Q\200\020\066C\351\232gC\303\321Q\232\264\362͚x\253\t\245\021\275]\036\362\r\316ּ\274\022\023\032\307\305G\210\252\b\016\225\027\353\026wq\232\317r\200\206\004",
<incomplete sequence \343>) at rijndael.c:1132
#2 0xb72014c6 in rijndael_encrypt (context=0xbfb288e8, b=0xbfb28ad8
"(\335%\267p\213\262\277\004{\343\t",
a=0xb723a1b8 "\001K\257\"x\246\235\063\035Q\200\020\066C\351\232gC\303\321Q\232\264\362͚x\253\t\245\021\275]\036\362\r\316ּ\274\022\023\032\307\305G\210\252\b\016\225\027\353\026wq\232\317r\200\206\004",
<incomplete sequence \343>) at rijndael.c:1155
#3 0xb7201aa8 in selftest_basic_128 () at rijndael.c:1660
#4 0xb7201657 in selftest () at rijndael.c:1749
#5 do_setkey (keylen=16, key=0x9ff3fa8
"\035\224<n\372KWy1\355\344y\260\332\064\031\030", ctx=0xa001e90)
at rijndael.c:209
#6 rijndael_setkey (context=0xa001e90, key=0x9ff3fa8
"\035\224<n\372KWy1\355\344y\260\332\064\031\030",
keylen=16) at rijndael.c:444
#7 0xb71e5ae7 in cipher_setkey (c=0xa001e10, key=<optimized out>,
keylen=16) at cipher.c:896
#8 0xb71dbe04 in gcry_cipher_setkey (hd=0xa001e10, key=0x9ff3fa8,
keylen=16) at visibility.c:521
#9 0xb72faceb in wrap_gcry_cipher_setkey (ctx=0xa001e10,
key=0x9ff3fa8, keysize=16) at cipher.c:115
#10 0xb727ea92 in _gnutls_cipher_init (handle=0x9ff485c,
cipher=GNUTLS_CIPHER_AES_128_CBC, key=0x9ff4854,
iv=0x9ff484c) at gnutls_cipher_int.c:71
#11 0xb7289d05 in _gnutls_init_record_state (read=1, state=0x9ff4844,
params=<optimized out>)
at gnutls_constate.c:299
#12 0xb728a2c1 in _gnutls_epoch_set_keys (session=0x9ff70c0, epoch=1)
at gnutls_constate.c:431
#13 0xb728a997 in _gnutls_write_connection_state_init
(session=0x9ff70c0) at gnutls_constate.c:602
#14 0xb7272fdd in _gnutls_send_handshake_final (session=0x9ff70c0,
init=1) at gnutls_handshake.c:2888
#15 0xb72765e0 in _gnutls_handshake_common (session=0x9ff70c0) at
gnutls_handshake.c:3121
#16 0xb7277fad in gnutls_handshake (session=0x9ff70c0) at
gnutls_handshake.c:2690
#17 0xb74bfdac in tlsg_session_accept (session=0x9ff70a8) at tls_g.c:472
#18 0xb74bcd39 in ldap_int_tls_connect (ld=0x9e3ca30, conn=<optimized
out>) at tls2.c:358
#19 0xb74bd917 in ldap_int_tls_start (ld=0x9e3ca30, conn=0x9e3c980,
srv=0x0) at tls2.c:825
#20 0xb74bdc79 in ldap_install_tls (ld=0x9e3ca30) at tls2.c:897
#21 0xb74dbc1d in ?? () from /lib/libnss_ldap.so.2
#22 0xb74dc251 in ?? () from /lib/libnss_ldap.so.2
#23 0xb74dcaa5 in ?? () from /lib/libnss_ldap.so.2
#24 0xb74dcdf1 in ?? () from /lib/libnss_ldap.so.2
#25 0xb74dd570 in _nss_ldap_getpwnam_r () from /lib/libnss_ldap.so.2
#26 0xb773e495 in getpwnam_r () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
#27 0xb773deff in getpwnam () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
#28 0x08049594 in ?? ()
#29 0xb76bee46 in __libc_start_main () from
/lib/i386-linux-gnu/i686/cmov/libc.so.6
#30 0x08049b49 in ?? ()
Backtrace stopped: Not enough registers or memory available to unwind further

Reverting to 1.4.6-9 fixed the problem.

Regards.


-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.0.0-1-686-pae (SMP w/8 CPU cores)
--------------------------------------------

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel


wk at gnupg

Oct 11, 2011, 1:01 AM

Post #2 of 2 (625 views)
Permalink
Re: libgcrypt11 1.5.0 version segfaults with NSS/PAM LDAP (AES-NI) [In reply to]

On Sun, 9 Oct 2011 16:23, ametzler [at] downhill said:

> this is http://bugs.debian.org/643336 reported by Marc Dequènes, the
> crash was not easily reproducible with gnutls-cli. The respective
> system features AES-NI support.

Please try to break this down to a little test program without LDAP and
without GNUTLS.


Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel

GnuPG gcrypt RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.