[Pkg-openssl-devel] Bug#917616: openssl: `openssl speed foobar` segfaults

Yuriy M. Kaminskiy yumkam+debian at gmail.com
Sat Dec 29 10:21:50 GMT 2018


Package: openssl
Version: 1.1.0j-1~deb9u1
Severity: minor
Tags: patch stretch upstream

Dear Maintainer,

    * What led up to the situation?

Invoking `openssl speed` with an unrecognized/unsupported algorithm, e.g.
   openssl speed foobar
or even
   openssl speed help

    * What was the outcome of this action?

openssl segfaults.

    * What outcome did you expect instead?

Error message/list of supported algorithms/etc

gdb backtrace:
(gdb) bt
#0  __strcmp_ia32 () at ../sysdeps/i386/i686/multiarch/../strcmp.S:34
#1  0x566a488e in opt_found (nbelem=<optimized out>, 
pairs=0x566ddc28 <ecdh_choices+136>, result=<optimized out>, 
name=<optimized out>) at ../apps/speed.c:298
#2  speed_main (argc=1, argv=0xff8b192c) at ../apps/speed.c:1515
#3  0x56667615 in do_cmd (prog=0x584b4c20, argc=2, argv=0xff8b1928)
     at ../apps/openssl.c:476
#4  0x56667d19 in main (argc=2, argv=0xff8b1928) at ../apps/openssl.c:181

This bug apparently was introduced in
commit 4e07941373ac17086ab4e601950c4ca148e8bb31
due to a mismerge of cherry-picked commit
5c6a69f539a5eb66a1afa4e2904d8a27e9b534c3

I have not run-tested, but from looking at the sources, it should not be
present in openssl-1.1.1 or master (so only stretch is affected).

(Untested) patch attached.

-- System Information:
Debian Release: 9.6
   APT prefers stable-updates
   APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 
'proposed-updates-debug'), (500, 'proposed-updates'), (500, 'stable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.9.0-6-amd64 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R), 
LANGUAGE=ru_RU.KOI8-R (charmap=KOI8-R)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssl depends on:
ii  libc6      2.24-11+deb9u3
ii  libssl1.1  1.1.0j-1~deb9u1

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates  20161130+nmu1+deb9u1

-- no debconf information

-------------- next part --------------
diff --git a/apps/speed.c b/apps/speed.c
index 6672fe606a..4595cc602c 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -537,7 +537,6 @@ static const OPT_PAIR ecdh_choices[] = {
     {"ecdhb409", R_EC_B409},
     {"ecdhb571", R_EC_B571},
     {"ecdhx25519", R_EC_X25519},
-    {NULL}
 };
 # define EC_NUM       OSSL_NELEM(ecdh_choices)
 
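Review bot: EC_NUM, on the context line directly below the removed `{NULL}` entry, is computed as OSSL_NELEM(ecdh_choices), so dropping the terminator also lowers EC_NUM by one. Please confirm that every array and loop in apps/speed.c sized by EC_NUM still matches the remaining entries, and check whether the neighbouring choices tables carry the same leftover terminator. The patch has no commit message and the report marks it untested: a short explanation that opt_found() receives an element count (nbelem in the backtrace) and so needs no NULL entry, plus a run of `openssl speed foobar` against the patched build, would make it ready to apply.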