SIGSEGV from EVP_MAC_CTX_get_mac_size()

Hal Murray halmurray+openssl at sonic.net
Tue Nov 28 01:43:25 UTC 2023


This is a multipart MIME message.

--=3D=3D_Exmh_1701135285_30570
Content-Type: text/plain; charset=3Dus-ascii

Thanks.

> Do you check the return value of EVP_MAC_CTX_get_mac_size()?

Nope, that's where it is crashing.


> Note that EVP_MAC_CTX_get_mac_size() does not seem to be called in the
> back-trace you listed. =


I noticed that and assumed it was some compiler magic.

Attached is my test program.



--=3D=3D_Exmh_1701135285_30570
Content-Type: text/plain ; name=3D"bug.c"; charset=3Dus-ascii
Content-Description: bug.c
Content-Disposition: attachment; filename=3D"bug.c"

/*
 * bug.c - Test case for Segmentation fault from OpenSSL
 *
 * Build with:
 *   cc -o bug bug.c -lssl -lcrypto
 *
 * ./bug for a crash
 * add any arg to call EVP_MAC_init()
 *
 */

#include <stdio.h>

#include <openssl/objects.h>
#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/err.h>

unsigned char packet[100];
int
main (
	int argc,
	char *argv[]
	)
{
    char key[16] =3D "0123456789abcdef";
    EVP_MAC *mac;
    EVP_MAC_CTX *ctx;
    OSSL_PARAM params[2];
    unsigned int keylen;
    unsigned int maclen =3D 0;

    unsigned int versionNumber =3D OPENSSL_VERSION_NUMBER;
    const char *versionText =3D OPENSSL_VERSION_TEXT;
    printf("OpenSSL Version is %x, %s\n", versionNumber, versionText);

    OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS|OPENSSL_INIT_LOAD_CRYPT=
O_STR
INGS|OPENSSL_INIT_ADD_ALL_CIPHERS|OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);

    mac =3D EVP_MAC_fetch(NULL, "cmac", NULL);
    if (NULL =3D=3D mac) {
        printf("Oops, no mac\n");
        exit(1);
    }
    ctx =3D EVP_MAC_CTX_new(mac);
    if (NULL =3D=3D ctx) {
        printf("Oops, no ctx\n");
        exit(2);
    }

    params[0] =3D OSSL_PARAM_construct_utf8_string("cipher", "AES-128-CBC"=
, 0);
    params[1] =3D OSSL_PARAM_construct_end();
    if (0 =3D=3D EVP_MAC_CTX_set_params(ctx, params)) {
        printf("EVP_MAC_CTX_set_params() didn't work)\n");
        exit(4);
    }
    printf("EVP_MAC_CTX_set_params() worked\n");

    if (argc > 1) {
        if (0 =3D=3D EVP_MAC_init(ctx, key, sizeof(key), NULL)) {
            unsigned long err =3D ERR_get_error();
            char * str =3D ERR_error_string(err, NULL);
            printf("EVP_MAC_init() failed: %s.\n", str);
            exit(5);
        }
        printf("EVP_MAC_init() worked\n");
    }

    maclen =3D EVP_MAC_CTX_get_mac_size(ctx);
    printf("maclen is %u\n",  maclen);

    return 0;
}

--=3D=3D_Exmh_1701135285_30570
Content-Type: text/plain; charset=3Dus-ascii

-- =



-- =

These are my opinions.  I hate spam.





-- 
These are my opinions.  I hate spam.





More information about the openssl-users mailing list