3.0.3 - EVP_EC_gen() segfault without init

Klaus Keppler kk at keppler-it.de
Wed May 4 19:58:00 UTC 2022


Yesterday we updated OpenSSL from 3.0.2 to 3.0.3, which made some of our 
unit tests crash.

I've boiled the problem down to the following example code:

#include <openssl/crypto.h>
#include <openssl/ec.h>
#include <openssl/evp.h>

int main(int argc, const char *argv[]) {
     //OPENSSL_init_crypto(0, NULL);
     if (! EVP_EC_gen("P-384")) return -1;
     return 0;
}

Compile with:

   gcc -Wall -Werror -pedantic -o test test.c -lcrypto

With OpenSSL 3.0.2 this runs just fine, with OpenSSL 3.0.3 we get a 
segmentation fault during a string comparison within EVP_PKEY_Q_keygen 
(EVP_EC_gen is just a macro).

I assume that the curve names are not properly initialized; when you 
uncomment the call to "OPENSSL_init_crypto()", everything works just fine.

The documentation [1] of OPENSSL_init_crypto() states that explicit 
initialization is not required. The man page of EVP_EC_gen [2] says nothing 
about initialization.
Considering that 3.0.3 is only a minor update and 3.0.2 worked as 
expected, we might have hit a bug. If this (above) is "just" a usage 
error, the documentation should describe in which cases an explicit 
initialization is required.

Anyway, thank you for all your efforts!

Best regards

    -Klaus Keppler

[1] https://www.openssl.org/docs/man3.0/man3/OPENSSL_init_crypto.html
[2] https://www.openssl.org/docs/man3.0/man3/EVP_EC_gen.html

