[Pkg-gnutls-maint] Bug#402665: STARTTLS causes segfault

Andreas Metzler ametzler at downhill.at.eu.org
Sun Feb 4 17:36:28 CET 2007 

On 2007-02-04 Andreas Metzler <ametzler at downhill.at.eu.org> wrote:
> On 2007-02-03 William Boughton <murble-debbugs at yuri.org.uk> wrote:
> > On Sat, Feb 03, 2007 at 10:30:59AM +0100, Andreas Metzler wrote:
> [...] 
> >> What arch are you on? I do not see this on etch/ix86.

> > x86_64
> [...]
> > I have been unable to reproduce this on x86_32.  It also doesn't
> > happen in a x86_32 etch chroot on the same machine amd64(x86_64).

> Hello,
> I could reproduce this on pergolesi.debian.org's amd64 chroots with
> 1.4.4 however there is currently some stuff missing for properly
> debugging it. I have emailed debian-admin to get it installed.

I have used LD_LIBRARY_PATH as workaround.
As you have already noted the trrigger is the very last certificate in
the file

-----BEGIN CERTIFICATE-----   <---- note whitespace here!
MIIDmTCCAwKgAwIBAgIJAMyJZWWIII1aMA0GCSqGSIb3DQEBBAUAMIGQMQswCQYD
[...]

The actual crash happens in x509_b64.c:479 _gnutls_fbase64_decode()
since it somehow gets passed on the wrong data_size=1475 (instead of the
correct data_size=1313).

> It seems to be fixed in 1.6.x.
[...]

This patch in 1.6.x and later versions seems to fix the issue:

2006-06-16  Simon Josefsson <simon at josefsson.org>

        * configure.in, lib/Makefile.am, lib/gnutls_x509.c,
        libextra/gnutls_openpgp.c: Use read_binary_file from gnulib instead
        of strfile stuff, to fix problem with binary files on mingw.

I am not sure about the severity of this bug, whether we should try to
squeeze the fix into etch.

cu and- fix pulled from cvs attached -reas

cvs diff -D 'Jun 16 13:27:36 2006 UTC' -D 'Jun 16 13:33:36 2006 UTC'
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: use.read_binary_file.diff
Type: text/x-diff
Size: 10224 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20070204/df998ea2/use.read_binary_file.bin

More information about the Pkg-gnutls-maint mailing list