[openssl-dev] [openssl.org #4682] PKITS tests fails with 1.0.2i on GNU/Linux
Bruce Stephens via RT
rt at openssl.org
Thu Sep 22 15:38:35 UTC 2016
The problem appears to be 325da823, x509_vfy.c line 1132.
best_score starts at 0 (from get_crl_delta's crl_score, initialised to
0), and (for whatever reason) crl_score also turns out to be 0. So
if (ASN1_TIME_diff(&day, &sec, X509_CRL_get_lastUpdate(best_crl),
X509_CRL_get_lastUpdate(crl)) == 0)
segfaults (best_crl is NULL).
The test (and the other tests) seem to pass if I change the
initialisation in get_crl_delta:
int crl_score = -1;
I find this with test 4.4.19 specifically (with our own code which uses
OpenSSL), but actually pkits-test.pl shows segfaulting for many tests,
and this is resolved with the above change (the return codes seem to be
different causing the script to report failure, but I suspect that's
just the script needing updating).
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4682
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list