creating SRP file crashes openssl

Bug #1551274 reported by Muelli on 2016-02-29
This bug affects 2 people
Affects: openssl (Ubuntu)
Status: Confirmed
Importance: High
Assigned to: Unassigned
Milestone: (none)

Bug Description

The following, with "test" and "test" as the passwords, makes openssl crash:

touch passwd.srpv ; openssl srp -srpvfile passwd.srpv -add user

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: openssl 1.0.2f-2ubuntu1
ProcVersionSignature: Ubuntu 4.4.0-4.19-generic 4.4.1
Uname: Linux 4.4.0-4-generic x86_64
ApportVersion: 2.20-0ubuntu3
Architecture: amd64
CurrentDesktop: GNOME
Date: Mon Feb 29 16:15:20 2016
InstallationDate: Installed on 2015-12-02 (89 days ago)
InstallationMedia: Ubuntu-GNOME 16.04 LTS "Xenial Xerus" - Alpha amd64 (20151027)
SourcePackage: openssl
UpgradeStatus: No upgrade log present (probably fresh install)

The following patch helps me:

--- openssl-1.0.2f/crypto/srp/srp_vfy.c 2016-01-28 14:38:31.000000000 +0100
+++ openssl-1.0.2f-patched/crypto/srp/srp_vfy.c 2016-03-02 12:18:01.320339059 +0100
@@ -588,8 +588,12 @@
         BN_free(N_bn);
         BN_free(g_bn);
     }
- OPENSSL_cleanse(vf, vfsize);
- OPENSSL_free(vf);
+
+ if (vf) {
+ OPENSSL_cleanse(vf, vfsize);
+ OPENSSL_free(vf);
+ }
+
     BN_clear_free(s);
     BN_clear_free(v);
     return result;
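
Review bot: the guard hides the fault without locating it. Of the two calls it wraps, only OPENSSL_cleanse(vf, vfsize) has anything to do with `vfsize`, and the hunk does not show whether `vfsize` is initialised on the `goto err` paths that reach this label before `vf` is allocated; please confirm it starts at 0 at its declaration, because if it does the original cleanse-then-free of a NULL `vf` with a zero length should not fault and the crash reported for an empty srpvfile comes from somewhere earlier in the call chain, which this hunk leaves untouched. Also, the added `if (vf) {` block is indented with a single space where the surrounding context lines use four, so the patch will either not apply cleanly or leave misindented code, and the two empty `+` lines add blank lines the function did not have; drop them and match the existing indentation.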

Note that it seems to be fixed in more recent openssl versions.

tags: added: patch
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in openssl (Ubuntu):
status: New → Confirmed
Changed in openssl (Ubuntu):
importance: Undecided → High