[openssl-dev] [openssl.org #4690] Bug in OpenSSL 1.0.2j ssl_accept
Michael Koch via RT
rt at openssl.org
Wed Sep 28 21:26:27 UTC 2016
Hallo Steve,
since the output comes from an in production system, we doesn't have
debugging symbols there. I'll try to setup a second machine with the
same configuration and use debugging symbols there.
Before upgrading to 1.0.2j we use 1.02h-r2 (each marked as "stable" in
Gentoo portage tree).
The problem only comes sometimes (not reconstruteable).
Michael
Am 28.09.2016 um 23:15 schrieb Stephen Henson via RT:
> On Wed Sep 28 19:44:49 2016, michael at michsoft.de wrote:
>> In addition to my message I send you my gdb backtrace:
>>
>> Program received signal SIGSEGV, Segmentation fault.
>> [Switching to Thread 0x7ffff1413700 (LWP 13663)]
>> 0x00007ffff6ba4e87 in sk_value () from /usr/lib64/libcrypto.so.1.0.0
>> (gdb) backtrace
>> #0 0x00007ffff6ba4e87 in sk_value () from /usr/lib64/libcrypto.so.1.0.0
>> #1 0x00007ffff6ef0ca0 in ssl3_get_client_hello () from
>> /usr/lib64/libssl.so.1.0.0
>> #2 0x00007ffff6ef506f in ssl3_accept () from /usr/lib64/libssl.so.1.0.0
>> #3 0x00007ffff6f04acf in ssl23_accept () from /usr/lib64/libssl.so.1.0.0
>> #4 0x00007ffff79cafca in Thread_MCS_Networking_Listen (arg=0x6a2270) at
>> ./mcs_networking_threads.cpp:222
>> #5 0x00007ffff714c444 in start_thread () from /lib64/libpthread.so.0
>> #6 0x00007ffff58fc4cd in clone () from /lib64/libc.so.6
>> (gdb)
>>
>>
>> It seems as if the crash happens in "sk_value()".
>>
> Which version of OpenSSL were you using before which didn't crash?
>
> Can you provide a backtrace with debugging symbols enabled?
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
>
--
Mit freundlichem Gruß
Michael Koch
MichSoft Consulting
Pappelweg 7
D - 29664 Walsrode
eMail michael.koch at michsoft.de
Internet http://www.michsoft.de
Phone +49 (0) 5161 / 94 94 83 - 0
Fax +49 (0) 5161 / 94 94 83 - 5
Umsatzsteuer Identifikationsnummer
nach § 27 Umsatzsteuergesetz: DE 41 123 05752
Diese Information ist ausschliesslich fuer den Adressaten bestimmt und kann vertraulich oder gesetzlich geschuetzte Informationen enthalten. Wenn Sie nicht der bestimmungsgemaesse Adressat sind, unterrichten Sie bitte den Absender und vernichten Sie diese Mail. Anderen als dem bestimmungsgemaessen Adressaten ist es untersagt, diese E-Mail zu lesen, zu speichern, weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu verwenden. Wir verwenden aktuelle Virenschutzprogramme. Fuer Schaeden, die dem Empfaenger gleichwohl durch von uns zugesandte mit Viren befallene E-Mails entstehen, schliessen wir jede Haftung aus.
The information contained in this email is intended only for its addressee and may contain confidential and/or privileged information. If the reader of this email is not the intended recipient, you are hereby notified that reading, saving, distribution or use of the content of this email in any way is prohibited. If you have received this email in error, please notify the sender and delete the email. We use updated antivirus protection software. We do not accept any responsibility for damages caused anyhow by viruses transmitted via email.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4690
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list