openssl: Calling RAND_DRBG_get0_public without locks initialized segfaults on platforms without atomics
Hi, all experts. I am a newbie in OpenSSL. I have an issue when calling `RAND_DRBG_get0_public` in a program. The following is the detailed information; please help to check what's wrong. Thanks in advance.
```
uname -a
Linux linux 2.6.32.45-0.3-default #1 SMP 2011-08-22 10:12:58 +0200 x86_64 x86_64 x86_64 GNU/Linux
cat /etc/SuSE-release
SUSE Linux Enterprise Server 11 (x86_64)
VERSION = 11
PATCHLEVEL = 1
```
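Code snippet:

```c
#include <stdbool.h>
#include <time.h>
#include <openssl/rand_drbg.h>

static RAND_DRBG *public_drbg;

bool init_drbg(void)
{
    unsigned int reseedinterval = 0;
    time_t health_check_interval = 0;

    /* Call that the report says crashes. */
    public_drbg = RAND_DRBG_get0_public();
    if (public_drbg == NULL)
    {
        return false;
    }
    return true;
}
```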
Core stack information:

```
#0 0x00007f7a8e455c8a in pthread_rwlock_wrlock () from /lib64/libpthread.so.0
(gdb) bt
#0 0x00007f7a8e455c8a in pthread_rwlock_wrlock () from /lib64/libpthread.so.0
#1 0x00007f7a8dee0d89 in CRYPTO_THREAD_write_lock () from /usr/local/lib64/libcrypto.so.1.1
#2 0x0000000000007cf7 in ?? ()
#3 0x00007f7a8dee0dcc in CRYPTO_atomic_add () from /usr/local/lib64/libcrypto.so.1.1
#4 0x5bf3984a0008b192 in ?? ()
#5 0x0000000000000000 in ?? ()
(gdb)
```
But when called like the following:

```c
public_drbg = RAND_DRBG_new(NID_aes_256_ctr, 0, NULL);
```

the program is OK; no core dump will be issued.
About this issue
- State: closed
- Created 6 years ago
- Comments: 24 (15 by maintainers)
Commits related to this issue
- Add a missing RUN_ONCE in rand_lib.c Some of the callbacks in rand_lib.c were being invoked without the RUN_ONCE for that file being called. We add it during rand_pool_new which should cover all case... — committed to mattcaswell/openssl by mattcaswell 3 years ago
- Add a missing RUN_ONCE in rand_lib.c Some of the callbacks in rand_lib.c were being invoked without the RUN_ONCE for that file being called. We add it during rand_pool_new which should cover all case... — committed to openssl/openssl by mattcaswell 3 years ago
- ossl111k merge (#298) * Prepare for 1.1.1j-dev Reviewed-by: Richard Levitte <levitte@openssl.org> * Fix typo in OPENSSL_malloc.pod CLA: trivial Reviewed-by: Tomas Mraz <tmraz@fedoraprojec... — committed to open-quantum-safe/openssl by baentsch 3 years ago
- Update to OpenSSL 1.1.1l (#330) * Prepare for 1.1.1j-dev Reviewed-by: Richard Levitte <levitte@openssl.org> * Fix typo in OPENSSL_malloc.pod CLA: trivial Reviewed-by: Tomas Mraz <tmraz@fe... — committed to open-quantum-safe/openssl by dstebila 3 years ago
- Merging OpenSSL 1.1.1m (#346) * Skip BOM when reading the config file Fixes #13840 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13857... — committed to open-quantum-safe/openssl by baentsch 3 years ago
Hi,
AFAIK, @kuncao is using SLES 11 SP1. This implies GCC 4.3. This implies no support for C11 atomics, nor the underlying GCC _atomic* builtins. This implies that the pthread locks code path is used.
However, based on code posted by @kuncao, `do_rand_init()` from rand_lib.c is never called through, since there is no call to e.g. `RAND_poll()`, `RAND_get_rand_method()`, etc. So, the pthread locks are… never initialized. Hence the crash.

How to fix?

`get_nonce()` implementation have its pthread lock initialized before use? This sounds like the better option. Fortunately, this is implemented in the master branch, AFAICS. Unfortunately, this still is not the case for 1.1.x series.

Do people agree with this analysis?
OMG! It looks like I was confusing the function calls with function definitions in the unformatted and improperly indented output. https://github.com/openssl/openssl/issues/7870#issuecomment-446429599. Thanks for reformatting it! And please forget everything that I said about the `RAND_DRBG_` functions… 😊.