<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Hi,<br>
<br>
On 07/01/21 23:53, Gimhani Uthpala wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAJ1bD4_HY=dZgB0Es=x44Gkz4bhnD65VFb+6gjyX0dqs8qF2rw@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<div dir="ltr">
<div dir="ltr"><br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Thu, Jan 7, 2021 at 3:08
AM Ken Goldman <<a href="mailto:kgoldman@us.ibm.com"
moz-do-not-send="true">kgoldman@us.ibm.com</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">On 1/6/2021 12:10 PM,
Gimhani Uthpala wrote:<br>
<br>
> I am getting seg-faults at openssl level. This only
occurred very randomly and the following are stacks that seg
faults at openssl level in the given 2 cases. We are using
openssl 1.0.2k.<br>
<br>
The usual cause is that you are compiling with one version
of openssl and (static or dynamic) linking with a different
one.<br>
The cause of that is typically that you have more than one
version of openssl installed.<br>
<br>
If this is a 3rd party application, not one you're building,
you have to find out what version of openssl they expect.<br>
<br>
<br>
</blockquote>
</div>
<div><br>
</div>
<div>I only have this 1.0.2.k-fips one version installed in both
compiling and running machines. However, I am compiling the
application in RH7.4 and running in RH7.8 linking to openssl
library dynamically. I assume no issue with that as I am using
the same version of openssl in both.</div>
<br>
</div>
</blockquote>
actually - there could be an issue with that, as RedHat has this
tendency to patch openssl between releases (mostly backporting
security fixes from openssl 1.1.x to 1.0.2k).<br>
<br>
Have you tried installing the debuginfo package for openssl so that
the stacktrace will show you better info:<br>
debuginfo-install openssl-libs openssl<br>
<br>
right now all you know is that the segfault occurs *somewhere*
within ASN1_item_verify ()<br>
<br>
HTH,<br>
<br>
JJK<br>
<br>
</body>
</html>