openssl: Openssl 1.1.1i Segmentation fault on Solaris 10 i386

Openssl 1.1.1i s_client cannot be used on Solaris 10 i386.

git-bisect identified that the issue started to appear after https://github.com/openssl/openssl/commit/53eb05bdf00d7237e3b12976c2ac38d68206eb13:

Starting program: /var/tmp/tmp.z1a4De/openssl-1.1.1i/apps/openssl s_client -showcerts -connect www.puppet.com:443
[Thread debugging using libthread_db enabled]
[New Thread 1 (LWP 1)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1 (LWP 1)]
0xfed56a92 in ctr_BCC_block (ctr=<optimized out>, len=48, in=0x8047144 "", out=0x81130a0 "") at crypto/rand/drbg_ctr.c:71
71              out[i] ^= in[i];
(gdb) backtrace
#0  0xfed56a92 in ctr_BCC_block (ctr=<optimized out>, len=48, in=0x8047144 "", out=0x81130a0 "") at crypto/rand/drbg_ctr.c:71
#1  ctr_BCC_init (ctr=0x8113044) at crypto/rand/drbg_ctr.c:110
#2  ctr_df (in3len=<optimized out>, in3=<optimized out>, in2len=<optimized out>, in2=<optimized out>, in1len=<optimized out>, in1=<optimized out>, ctr=0x8113044)
    at crypto/rand/drbg_ctr.c:171
#3  ctr_update (drbg=drbg@entry=0x8112fe0, 
    in1=in1@entry=0x811d060 "Z\333\025\066\337\061\067\324\236bc\310\377z\274U\006\037\271\364$Q\365\263\036@m\354\203\326\334\006", in1len=in1len@entry=32, 
    in2=in2@entry=0xfede70c0 <ossl_pers_string> "OpenSSL NIST SP 800-90A DRBG", in2len=in2len@entry=28, nonce=nonce@entry=0x811d098 <incomplete sequence \370\131>, 
    noncelen=noncelen@entry=24) at crypto/rand/drbg_ctr.c:254
#4  0xfed58480 in drbg_ctr_instantiate (drbg=<optimized out>, entropy=<optimized out>, entropylen=<optimized out>, nonce=<optimized out>, noncelen=<optimized out>, 
    pers=<optimized out>, perslen=<optimized out>) at crypto/rand/drbg_ctr.c:286
#5  0xfed58c4d in RAND_DRBG_instantiate (drbg=drbg@entry=0x8112fe0, pers=pers@entry=0xfede70c0 <ossl_pers_string> "OpenSSL NIST SP 800-90A DRBG", 
    perslen=perslen@entry=28) at crypto/rand/drbg_lib.c:355
#6  0xfed59c73 in drbg_setup (parent=0x0) at crypto/rand/drbg_lib.c:895
#7  do_rand_drbg_init () at crypto/rand/drbg_lib.c:924
#8  do_rand_drbg_init_ossl_ () at crypto/rand/drbg_lib.c:909
#9  0xfeb3aa8d in pthread_once () from /lib/libc.so.1
#10 0xfed88223 in CRYPTO_THREAD_run_once (once=once@entry=0xfee2d900 <rand_drbg_init>, init=init@entry=0xfed59ba0 <do_rand_drbg_init_ossl_>)
    at crypto/threads_pthread.c:118
#11 0xfed5a11a in RAND_DRBG_get0_public () at crypto/rand/drbg_lib.c:1116
#12 0xfed5a204 in drbg_bytes (out=0x8107470 "", count=16) at crypto/rand/drbg_lib.c:966
#13 0xfed5b890 in RAND_bytes (buf=buf@entry=0x8107470 "", num=num@entry=16) at crypto/rand/rand_lib.c:939
#14 0xfef321f4 in SSL_CTX_new (meth=meth@entry=0xfef882c0 <TLS_client_method_data.21525>) at ssl/ssl_lib.c:3058
#15 0x08092504 in s_client_main (argc=<optimized out>, argv=0x8047d24) at apps/s_client.c:1699
#16 0x0808083e in do_cmd (prog=prog@entry=0x80ffd90, argc=argc@entry=4, argv=argv@entry=0x8047d24) at apps/openssl.c:570
#17 0x080c243a in main (argc=4, argv=0x8047d24) at apps/openssl.c:189

About this issue

Original URL
State: open
Created 4 years ago
Comments: 17 (10 by maintainers)

Commits related to this issue

(PA-3698) Fix openssl compilation on Solaris 10 i386 Due to a limitation in the gcc compiler on Solaris 10 i386 we have to add an additional cflag when compiling to ensure correct stack alignment. [... — committed to GabrielNagy/puppet-runtime by GabrielNagy 3 years ago

Most upvoted comments

I think this is a compiler issue (https://gcc-bugs.gcc.gnu.narkive.com/2G0QrHKo/bug-target-62281-new-gcc-doesn-t-conform-to-solaris-32-bit-abi-by-expecting-16-byte-stack-alignment), not sure if it should be fixed in openssl

ciprianbadescu on Nov 19, 2021