3.0.3 - EVP_EC_gen() segfault without init

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Wed May 4 20:07:53 UTC 2022

What platform?

$ bat ossl3-tst.c
       │ File: ossl3-tst.c
       │ Size: 216 B
   1   │ #include <openssl/crypto.h>
   2   │ #include <openssl/ec.h>
   3   │ #include <openssl/evp.h>
   4   │ 
   5   │ int main(int argc, const char *argv[]) {
   6   │      //OPENSSL_init_crypto(0, NULL);
   7   │      if (! EVP_EC_gen("P-384")) return -1;
   8   │      return 0;
   9   │ }
$ gcc -Wall -Werror -pedantic -o ossl3-tst ossl3-tst.c -I/opt/local/include -L/opt/local/lib -lcrypto
$ ./ossl3-tst 

Above is on MacOS Monterey with GCC-11.
There are two ways to design a system. One is to make it so simple there are obviously no deficiencies.
The other is to make it so complex there are no obvious deficiencies.
                                                                                                                                     -  C. A. R. Hoare

On 5/4/22, 15:58, "openssl-users on behalf of Klaus Keppler" <openssl-users-bounces at openssl.org on behalf of kk at keppler-it.de> wrote:


    yesterday we updated OpenSSL from 3.0.2 to 3.0.3, what made some of our 
    unit tests crash.

    I've boiled the problem down to the following example code:

    #include <openssl/crypto.h>
    #include <openssl/ec.h>
    #include <openssl/evp.h>

    int main(int argc, const char *argv[]) {
         //OPENSSL_init_crypto(0, NULL);
         if (! EVP_EC_gen("P-384")) return -1;
         return 0;

    Compile with:

       gcc -Wall -Werror -pedantic -o test test.c -lcrypto

    With OpenSSL 3.0.2 this runs just fine, with OpenSSL 3.0.3 we get a 
    segmentation fault during a string comparison within EVP_PKEY_Q_keygen 
    (EVP_EC_gen is just a macro).

    I assume that the curve names are not properly initialized, when you 
    uncomment the call to "OPENSSL_init_crypto()", everything works just fine.

    The documentation [1] of OPENSSL_init_crypto() states that explicit 
    initialization is not required. Man page of EVP_EC_gen [2] says nothing 
    about initialization.
    Considering that 3.0.3 is only a minor update and 3.0.2 worked as 
    expected, we might have hit a bug. If this (above) is "just" a usage 
    error, the documentation should describe in which cases an explicit 
    initialization is required.

    Anyway, thank you for all your efforts!

    Best regards

        -Klaus Keppler

    [1] https://www.openssl.org/docs/man3.0/man3/OPENSSL_init_crypto.html
    [2] https://www.openssl.org/docs/man3.0/man3/EVP_EC_gen.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5249 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220504/df89ee63/attachment.bin>

More information about the openssl-users mailing list