Skip Menu |
 

This queue is for tickets about the Crypt-OpenSSL-EC CPAN distribution.

Report information
The Basics
Id: 101793
Status: resolved
Priority: 0/
Queue: Crypt-OpenSSL-EC

People
Owner: Nobody in particular
Requestors: rwfranks [...] acm.org
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: 0.8
Fixed in: 0.9



Subject: SEGV and core dump when EC_POINT object goes out of scope
MIME-Version: 1.0
X-Mailer: MIME-tools 5.504 (Entity 5.504)
Content-Disposition: inline
X-RT-Interface: Web
Message-ID: <rt-4.0.18-15170-1422455642-344.0-0-0 [...] rt.cpan.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
X-RT-Encrypt: 0
X-RT-Sign: 0
Content-Length: 3494
Download (untitled) / with headers
text/plain 3.4k
# Script fragment: #!/usr/bin/perl # use 5.18.4; use Crypt::OpenSSL::Bignum 0.04; use Crypt::OpenSSL::EC 0.8; do { my $nid = 415; # NID_X9_62_prime256v1 my $group = Crypt::OpenSSL::EC::EC_GROUP::new_by_curve_name($nid); my $ctx = Crypt::OpenSSL::Bignum::CTX->new(); my $order = Crypt::OpenSSL::Bignum->zero; $group->get_order( $order, $ctx ); my $eckey = Crypt::OpenSSL::EC::EC_KEY::new() || die; $eckey->set_group($group) || die; $eckey->generate_key() || die; my $bignum = $eckey->get0_private_key(); print '$bignum ', $bignum, "\n"; my $binary = $bignum->to_bin; my $K = $eckey->get0_public_key(); print '$K: ', $K, "\n"; }; print "exit;\n"; exit; __END__ # produces (usually, but not always): $ perl -w specimen.pl $bignum Crypt::OpenSSL::Bignum=SCALAR(0x95434e0) $K: Crypt::OpenSSL::EC::EC_POINT=SCALAR(0x955d110) *** Error in `perl': double free or corruption (!prev): 0x095ed420 *** ======= Backtrace: ========= /lib/libc.so.6[0x4a9a6143] /lib/libc.so.6[0x4a9adcba] /lib/libcrypto.so.10(CRYPTO_free+0x35)[0x4325c875] /lib/libcrypto.so.10(EC_POINT_free+0x2f)[0x432a0d6f] /lib/libcrypto.so.10(EC_KEY_free+0x76)[0x432aaba6] /home/rwf/perl5/lib/perl5/i386-linux-thread-multi/auto/Crypt/OpenSSL/EC/EC.so(+0x4b36)[0xb7512b36] /lib/libperl.so.5.18(Perl_pp_entersub+0x55a)[0x41700eda] /lib/libperl.so.5.18(Perl_call_sv+0x639)[0x41681a99] /lib/libperl.so.5.18[0x41709eff] /lib/libperl.so.5.18(Perl_sv_clear+0x3f4)[0x4170a5c4] /lib/libperl.so.5.18(Perl_sv_free2+0xdb)[0x4170acdb] /lib/libperl.so.5.18(Perl_sv_unref_flags+0x6b)[0x4170b0fb] /lib/libperl.so.5.18(Perl_sv_force_normal_flags+0x120)[0x41710af0] /lib/libperl.so.5.18(Perl_leave_scope+0xd34)[0x417311e4] /lib/libperl.so.5.18(Perl_pop_scope+0x34)[0x41731724] /lib/libperl.so.5.18(Perl_pp_leave+0xbd)[0x4173c16d] /lib/libperl.so.5.18(Perl_runops_standard+0x3f)[0x416f8daf] /lib/libperl.so.5.18(perl_run+0x2d1)[0x41688f61] perl[0x8048a15] /lib/libc.so.6(__libc_start_main+0xf3)[0x4a951b73] perl[0x8048a49] ======= Memory map: ======== 08048000-08049000 r-xp 00000000 fd:01 943669 /usr/bin/perl 08049000-0804a000 r--p 00000000 fd:01 943669 /usr/bin/perl 0804a000-0804b000 rw-p 00001000 fd:01 943669 /usr/bin/perl 09540000-09628000 rw-p 00000000 00:00 0 [heap] 41646000-417d0000 r-xp 00000000 fd:01 943666 /usr/lib/libperl.so.5.18.4 417d0000-417d3000 r--p 00189000 fd:01 943666 /usr/lib/libperl.so.5.18.4 417d3000-417d7000 rw-p 0018c000 fd:01 943666 /usr/lib/libperl.so.5.18.4 41c9f000-41d00000 r-xp 00000000 fd:01 921988 /usr/lib/libfreebl3.so 41d00000-41d01000 ---p 00061000 fd:01 921988 /usr/lib/libfreebl3.so 41d01000-41d02000 r--p 00061000 fd:01 921988 /usr/lib/libfreebl3.so 41d02000-41d03000 rw-p 00062000 fd:01 921988 /usr/lib/libfreebl3.so 41d03000-41d07000 rw-p 00000000 00:00 0 41d09000-41d10000 r-xp 00000000 fd:01 923385 /usr/lib/libcrypt-2.18.so 41d10000-41d11000 r--p 00006000 fd:01 923385 /usr/lib/libcrypt-2.18.so 41d11000-41d12000 rw-p 00007000 fd:01 923385 /usr/lib/libcrypt-2.18.so 41d12000-41d39000 rw-p 00000000 00:00 0 4321d000-433ce000 r-xp 00000000 fd:01 928229 /usr/lib/libcrypto.so.1.0.1e 433ce000-433de000 r--p 001b1000 fd:01 928229 /usr/lib/libcrypto.so.1.0.1e 433de000-433e5000 rw-p 001c1000 fd:01 928229 /usr/lib/libcrypto.so.1.0.1e 433e5000-433e8000 rw-p 00000000 00:00 0
MIME-Version: 1.0
X-Spam-Flag: NO
X-Virus-Scanned: Debian amavisd-new at bestpractical.com
content-type: text/plain; charset="utf-8"
X-Source-Sender: (zulu.localnet) [58.96.35.135]:34957
X-RT-Original-Encoding: utf-8
X-Spam-Score: -4.786
X-Source-Cap: bWlrZW07bWlrZW07Z2F0b3I0MTI5Lmhvc3RnYXRvci5jb20=
Received: from localhost (localhost [127.0.0.1]) by hipster.bestpractical.com (Postfix) with ESMTP id E3A3F2401ED for <cpan-bug+Crypt-OpenSSL-EC [...] hipster.bestpractical.com>; Wed, 28 Jan 2015 18:48:16 -0500 (EST)
Received: from hipster.bestpractical.com ([127.0.0.1]) by localhost (hipster.bestpractical.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BfxwWMtEgbXC for <cpan-bug+Crypt-OpenSSL-EC [...] hipster.bestpractical.com>; Wed, 28 Jan 2015 18:48:14 -0500 (EST)
Received: from la.mx.develooper.com (x1.develooper.com [207.171.7.70]) by hipster.bestpractical.com (Postfix) with SMTP id 7A12F2400DA for <bug-Crypt-OpenSSL-EC [...] rt.cpan.org>; Wed, 28 Jan 2015 18:48:14 -0500 (EST)
Received: (qmail 7058 invoked by alias); 28 Jan 2015 23:48:13 -0000
Received: from gateway13.websitewelcome.com (HELO gateway13.websitewelcome.com) (69.93.243.26) by la.mx.develooper.com (qpsmtpd/0.28) with ESMTP; Wed, 28 Jan 2015 15:48:11 -0800
Received: by gateway13.websitewelcome.com (Postfix, from userid 5007) id 9B6586B1C4E80; Wed, 28 Jan 2015 17:48:07 -0600 (CST)
Received: from gator4129.hostgator.com (gator4129.hostgator.com [192.185.4.141]) by gateway13.websitewelcome.com (Postfix) with ESMTP id 935426B1C4E5B for <bug-Crypt-OpenSSL-EC [...] rt.cpan.org>; Wed, 28 Jan 2015 17:48:07 -0600 (CST)
Received: from [58.96.35.135] (port=34957 helo=zulu.localnet) by gator4129.hostgator.com with esmtpsa (UNKNOWN:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.82) (envelope-from <mikem [...] airspayce.com>) id 1YGcL9-0004KK-2t for bug-Crypt-OpenSSL-EC [...] rt.cpan.org; Wed, 28 Jan 2015 17:48:07 -0600
Delivered-To: cpan-bug+Crypt-OpenSSL-EC [...] hipster.bestpractical.com
Subject: Re: [rt.cpan.org #101793] SEGV and core dump when EC_POINT object goes out of scope
X-Spam-Check-BY: la.mx.develooper.com
Date: Thu, 29 Jan 2015 09:48:05 +1000
X-Spam-Level:
X-Bwhitelist: no
To: bug-Crypt-OpenSSL-EC [...] rt.cpan.org
Content-Transfer-Encoding: 7Bit
X-Source:
X-Source-Args:
In-Reply-To: <rt-4.0.18-15170-1422455643-245.101793-4-0 [...] rt.cpan.org>
X-Spam-Status: No, score=-4.786 tagged_above=-99.9 required=10 tests=[AWL=1.114, BAYES_00=-1.9, FROM_OUR_RT=-4, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
X-Source-Dir:
X-RT-Interface: API
References: <RT-Ticket-101793 [...] rt.cpan.org> <rt-4.0.18-15170-1422455643-245.101793-4-0 [...] rt.cpan.org>
Message-ID: <2757146.4QVLNO4QRS [...] zulu>
X-Source-Auth: mikem [...] airspayce.com
X-Antiabuse: This header was added to track abuse, please include it with any abuse report
X-Antiabuse: Primary Hostname - gator4129.hostgator.com
X-Antiabuse: Original Domain - rt.cpan.org
X-Antiabuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-Antiabuse: Sender Address Domain - airspayce.com
Organization: AirSpayce Pty Ltd
X-Source-Ip: 58.96.35.135
User-Agent: KMail/4.11.5 (Linux/3.11.10-25-desktop; KDE/4.11.5; i686; ; )
Return-Path: <mikem [...] airspayce.com>
X-RT-Mail-Extension: crypt-openssl-ec
X-Original-To: cpan-bug+Crypt-OpenSSL-EC [...] hipster.bestpractical.com
X-Exim-ID: 1YGcL9-0004KK-2t
X-Email-Count: 1
From: Mike McCauley <mikem [...] airspayce.com>
RT-Message-ID: <rt-4.0.18-12310-1422488897-234.101793-0-0 [...] rt.cpan.org>
Content-Length: 4377
Download (untitled) / with headers
text/plain 4.2k
Thanks Dick, new version 0.9 uploaded should fix this. Cheers. On Wednesday, January 28, 2015 09:34:03 AM you wrote: Show quoted text
> Wed Jan 28 09:34:02 2015: Request 101793 was acted upon. > Transaction: Ticket created by rwfranks@acm.org > Queue: Crypt-OpenSSL-EC > Subject: SEGV and core dump when EC_POINT object goes out of scope > Broken in: 0.8 > Severity: Important > Owner: Nobody > Requestors: rwfranks@acm.org > Status: new > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=101793 > > > > # Script fragment: > > #!/usr/bin/perl > # > use 5.18.4; > use Crypt::OpenSSL::Bignum 0.04; > use Crypt::OpenSSL::EC 0.8; > > do { > my $nid = 415; # NID_X9_62_prime256v1 > my $group = Crypt::OpenSSL::EC::EC_GROUP::new_by_curve_name($nid); > my $ctx = Crypt::OpenSSL::Bignum::CTX->new(); > my $order = Crypt::OpenSSL::Bignum->zero; > $group->get_order( $order, $ctx ); > my $eckey = Crypt::OpenSSL::EC::EC_KEY::new() || die; > $eckey->set_group($group) || die; > $eckey->generate_key() || die; > my $bignum = $eckey->get0_private_key(); > print '$bignum ', $bignum, "\n"; > my $binary = $bignum->to_bin; > > my $K = $eckey->get0_public_key(); > print '$K: ', $K, "\n"; > }; > > print "exit;\n"; > exit; > > __END__ > > # produces (usually, but not always): > > $ perl -w specimen.pl > $bignum Crypt::OpenSSL::Bignum=SCALAR(0x95434e0) > $K: Crypt::OpenSSL::EC::EC_POINT=SCALAR(0x955d110) > *** Error in `perl': double free or corruption (!prev): 0x095ed420 *** > ======= Backtrace: ========= > /lib/libc.so.6[0x4a9a6143] > /lib/libc.so.6[0x4a9adcba] > /lib/libcrypto.so.10(CRYPTO_free+0x35)[0x4325c875] > /lib/libcrypto.so.10(EC_POINT_free+0x2f)[0x432a0d6f] > /lib/libcrypto.so.10(EC_KEY_free+0x76)[0x432aaba6] > /home/rwf/perl5/lib/perl5/i386-linux-thread-multi/auto/Crypt/OpenSSL/EC/EC.s > o(+0x4b36)[0xb7512b36] > /lib/libperl.so.5.18(Perl_pp_entersub+0x55a)[0x41700eda] > /lib/libperl.so.5.18(Perl_call_sv+0x639)[0x41681a99] > /lib/libperl.so.5.18[0x41709eff] > /lib/libperl.so.5.18(Perl_sv_clear+0x3f4)[0x4170a5c4] > /lib/libperl.so.5.18(Perl_sv_free2+0xdb)[0x4170acdb] > /lib/libperl.so.5.18(Perl_sv_unref_flags+0x6b)[0x4170b0fb] > /lib/libperl.so.5.18(Perl_sv_force_normal_flags+0x120)[0x41710af0] > /lib/libperl.so.5.18(Perl_leave_scope+0xd34)[0x417311e4] > /lib/libperl.so.5.18(Perl_pop_scope+0x34)[0x41731724] > /lib/libperl.so.5.18(Perl_pp_leave+0xbd)[0x4173c16d] > /lib/libperl.so.5.18(Perl_runops_standard+0x3f)[0x416f8daf] > /lib/libperl.so.5.18(perl_run+0x2d1)[0x41688f61] > perl[0x8048a15] > /lib/libc.so.6(__libc_start_main+0xf3)[0x4a951b73] > perl[0x8048a49] > ======= Memory map: ======== > 08048000-08049000 r-xp 00000000 fd:01 943669 /usr/bin/perl > 08049000-0804a000 r--p 00000000 fd:01 943669 /usr/bin/perl > 0804a000-0804b000 rw-p 00001000 fd:01 943669 /usr/bin/perl > 09540000-09628000 rw-p 00000000 00:00 0 [heap] > 41646000-417d0000 r-xp 00000000 fd:01 943666 /usr/lib/libperl.so.5.18.4 > 417d0000-417d3000 r--p 00189000 fd:01 943666 /usr/lib/libperl.so.5.18.4 > 417d3000-417d7000 rw-p 0018c000 fd:01 943666 /usr/lib/libperl.so.5.18.4 > 41c9f000-41d00000 r-xp 00000000 fd:01 921988 /usr/lib/libfreebl3.so > 41d00000-41d01000 ---p 00061000 fd:01 921988 /usr/lib/libfreebl3.so > 41d01000-41d02000 r--p 00061000 fd:01 921988 /usr/lib/libfreebl3.so > 41d02000-41d03000 rw-p 00062000 fd:01 921988 /usr/lib/libfreebl3.so > 41d03000-41d07000 rw-p 00000000 00:00 0 > 41d09000-41d10000 r-xp 00000000 fd:01 923385 /usr/lib/libcrypt-2.18.so > 41d10000-41d11000 r--p 00006000 fd:01 923385 /usr/lib/libcrypt-2.18.so > 41d11000-41d12000 rw-p 00007000 fd:01 923385 /usr/lib/libcrypt-2.18.so > 41d12000-41d39000 rw-p 00000000 00:00 0 > 4321d000-433ce000 r-xp 00000000 fd:01 928229 > /usr/lib/libcrypto.so.1.0.1e 433ce000-433de000 r--p 001b1000 fd:01 928229 > /usr/lib/libcrypto.so.1.0.1e 433de000-433e5000 rw-p 001c1000 fd:01 928229 > /usr/lib/libcrypto.so.1.0.1e 433e5000-433e8000 rw-p 00000000 00:00 0
-- Mike McCauley VK4AMM mikem@airspayce.com Airspayce Pty Ltd 9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.airspayce.com Phone +61 7 5598-7474


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.