[openssl-dev] Overlapping regions check
Greg Hudson
ghudson at mit.edu
Wed Jul 20 23:30:52 UTC 2016
With current OpenSSL master, the krb5 PKINIT tests are getting an
assertion failure which I can't attribute to our code (stack trace at
the end). It appears that EVP_EncryptUpdate() now insists on
non-overlapping regions, but bio_enc.c:enc_read() relies on being able
to decrypt an overlapping region.
The calling code is:
i = BIO_read(tmpmem, buf, sizeof(buf));
where buf is a local array of size 4096 which is not used for any other
purpose (i.e. has nothing to do with the tmpmem bio).
Program received signal SIGABRT, Aborted.
0x00007ffff710ec37 in __GI_raise (sig=sig at entry=6)
at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) back
#0 0x00007ffff710ec37 in __GI_raise (sig=sig at entry=6)
at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007ffff7112028 in __GI_abort () at abort.c:89
#2 0x00007ffff7107bf6 in __assert_fail_base (
fmt=0x7ffff72583b8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n",
assertion=assertion at entry=0x7ffff618fc78 "!condition",
file=file at entry=0x7ffff618fb90 "crypto/evp/evp_enc.c",
line=line at entry=290,
function=function at entry=0x7ffff618fd10 <__PRETTY_FUNCTION__.16890>
"is_partially_overlapping") at assert.c:92
#3 0x00007ffff7107ca2 in __GI___assert_fail (
assertion=0x7ffff618fc78 "!condition",
file=0x7ffff618fb90 "crypto/evp/evp_enc.c", line=290,
function=0x7ffff618fd10 <__PRETTY_FUNCTION__.16890>
"is_partially_overlapping") at assert.c:101
#4 0x00007ffff60d32f2 in is_partially_overlapping (ptr1=0x6286a0,
ptr2=0x6286e0, len=1728) at crypto/evp/evp_enc.c:290
#5 0x00007ffff60d33c6 in EVP_EncryptUpdate (ctx=0x624230, out=0x6286a0 "",
outl=0x628680,
in=0x6286e0 [edited out],
inl=1728)
at crypto/evp/evp_enc.c:315
#6 0x00007ffff60d3989 in EVP_DecryptUpdate (ctx=0x624230, out=0x6286a0 "",
outl=0x628680,
in=0x6286e0 [edited out],
inl=1728)
at crypto/evp/evp_enc.c:454
#7 0x00007ffff60d30d5 in EVP_CipherUpdate (ctx=0x624230, out=0x6286a0 "",
outl=0x628680,
in=0x6286e0 [edited out],
inl=1728)
at crypto/evp/evp_enc.c:211
#8 0x00007ffff60c5a95 in enc_read (b=0x63d7e0,
out=0x7fffffffbc00 "@\274\377\377\377\177", outl=4096)
at crypto/evp/bio_enc.c:161
#9 0x00007ffff6034b3f in BIO_read (b=0x63d7e0, out=0x7fffffffbc00, outl=4096)
at crypto/bio/bio_lib.c:213
#10 0x00007ffff5977ec5 in pkcs7_decrypt (context=0x608150,
id_cryptoctx=0x621c60, p7=0x63c990, data=0x63bbe0)
at
../../../../src/plugins/preauth/pkinit/pkinit_crypto_openssl.c:5887
[rest of stack trace elided]
More information about the openssl-dev
mailing list