[Pkg-openssl-devel] Bug#670581: Bug#670581: openssl: ntpd segfaults with error 4 in libcrypto.so.0.9.8 on Debian squeeze
Andris Kalnozols
andris at hpl.hp.com
Tue May 1 00:25:44 UTC 2012
On 4/30/2012 3:07 AM, Kurt Roeckx wrote:
> On Sun, Apr 29, 2012 at 05:13:39PM -0700, Andris Kalnozols wrote:
>> I also added the following code:
>>
>> --- ntp_crypto.c.orig 2009-12-08 23:36:35.000000000 -0800
>> +++ ntp_crypto.c 2012-04-29 15:16:50.181208921 -0700
>> @@ -230,6 +230,38 @@
>> break;
>> }
> Can you add this line:
> EVP_MD_CTX_init(&ctx);
>
> Before this line:
>
>> EVP_DigestInit(&ctx, EVP_get_digestbynid(crypto_nid));
> The documentation clearly says that ctx must be initialized before
> calling EVP_DigestInit{_ex}
>
>
>
> Kurt
>
I added the EVP_MD_CTX_init() routine as suggested but still get the
same failure after a while:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff7fe8700 (LWP 2771)]
0x00007ffff767eec3 in EVP_DigestUpdate (ctx=0x7fffffffda30,
data=0x7fffffffd9c0, count=16) at digest.c:325
325 digest.c: No such file or directory.
in digest.c
(gdb) bt full
#0 0x00007ffff767eec3 in EVP_DigestUpdate (ctx=0x7fffffffda30,
data=0x7fffffffd9c0, count=16) at digest.c:325
No locals.
#1 0x000000000041e99b in session_key (srcadr=0x7070f0, dstadr=0x70d1b0,
keyno=0, private=1378153285, lifetime=0) at ntp_crypto.c:266
ctx = {digest = 0x0, engine = 0x0, flags = 0, md_data = 0x0}
dgst = "\016\000\000\000\000\000\000\000\320\341\377\377\377\177\000\000P\337\377\377\377\177\000\000P\266\377\367\377\177\000\000\370\337\377\377\377\177\000\000\214\031A\000\000\000\000\000`\332\377\377\377\177\000\000\000\000\000\000\000\000\000"
keyid = 32767
header = {3096497361, 84048844, 0, 1173562450, 0, 0, 4779203, 0, 4779203, 0}
hdlen = 16
len = 32767

30 Apr 13:30:59 ntpd[2771]: session_key() IPv4 data: header[0]=3096497361, src_addr=209.204.144.184,
header[1]=84048844, dst_addr=204.123.2.5
30 Apr 13:30:59 ntpd[2771]: remaining session_key() data [host byte order]: hdlen=16, keyno=0,
private=1378153285, crypto_nid=4, ctx.flags=0

According to the EVP_DigestInit(3SSL) man page installed on my system, I see this:

    EVP_DigestInit() behaves in the same way as EVP_DigestInit_ex() except
    the passed context ctx does not have to be initialized, and it always
    uses the default digest implementation.

So it appears that NTP's session_key() is calling the digest routines correctly.

In `digest.c', the failing line of code seems to involve a function pointer
if I'm interpreting the EVP_MD structure correctly from `crypto/evp/evp.h':

    int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);

I made a guess that *update pointed to HASH_UPDATE() in `crypto/md32_common.h'
and put in some debugging statements there. However, when running the NTP daemon
in the foreground, there was no output from any of the HASH_UPDATE() printf()
statements prior to the segfault.

Regards,
Andris
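
Added example, not part of the original message and not OpenSSL or ntpd code: the backtrace above shows ctx.digest = 0x0 in frame #1 when EVP_DigestUpdate() is entered, and the message notes that the failing line involves the update function pointer. This stand-alone C model of that dispatch shows how testing the lookup and init results turns a NULL digest into an error return; all model_* names are hypothetical, nid 4 mirrors crypto_nid=4 from the log, and the model does not establish why the digest was NULL in ntpd.

```c
/* Added illustration: a stand-alone model, NOT OpenSSL or ntpd source.
 * All model_* names are hypothetical. */
#include <stddef.h>
#include <stdio.h>

typedef struct model_md_ctx model_md_ctx;
typedef struct {                        /* stands in for EVP_MD */
    int nid;
    int (*update)(model_md_ctx *ctx, const void *data, size_t count);
} model_md;
struct model_md_ctx {                   /* stands in for EVP_MD_CTX */
    const model_md *digest;
    unsigned long state;
};

/* Toy byte-sum "digest" so the dispatch has something to call. */
static int sum_update(model_md_ctx *ctx, const void *data, size_t count) {
    const unsigned char *p = data;
    while (count--) ctx->state += *p++;
    return 1;
}
static const model_md sum_md = { 4, sum_update };
static const model_md *registered[1];   /* empty until model_register_all() */

void model_register_all(void) { registered[0] = &sum_md; }

/* Lookup by nid: NULL when no digest with that nid is registered. */
const model_md *model_get_by_nid(int nid) {
    return (registered[0] && registered[0]->nid == nid) ? registered[0] : NULL;
}
/* Init: returns 0 and leaves ctx->digest NULL when given a NULL type. */
int model_init(model_md_ctx *ctx, const model_md *type) {
    ctx->digest = type;
    ctx->state = 0;
    return type != NULL;
}
/* Checked caller: each result is tested before dispatching through
 * ctx->digest->update, so a failed lookup yields -1 instead of SIGSEGV. */
long checked_digest(int nid, const void *data, size_t count) {
    model_md_ctx ctx;
    if (!model_init(&ctx, model_get_by_nid(nid))) return -1;
    if (ctx.digest == NULL || !ctx.digest->update(&ctx, data, count)) return -1;
    return (long)ctx.state;
}

int main(void) {
    unsigned char hdr[4] = { 1, 2, 3, 4 };   /* constructed sample input */
    printf("before registration: %ld\n", checked_digest(4, hdr, sizeof hdr));
    model_register_all();
    printf("after registration:  %ld\n", checked_digest(4, hdr, sizeof hdr));
    return 0;
}
```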