OpenSSL 0.9.8k seg. faults
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openssl (Ubuntu) |
Expired
|
Undecided
|
Unassigned | ||
Bug Description
I observe wrong behavior of OpenSSL library in error cases. I.e. when trying to convert DER encoded (malformed in fact) public key into internal OpenSSL structures I get core dump of the whole application. But it seems, it is applicable only in multi threaded environment.
The test case is attached, the command line to compile is: g++ -o d2i d2i.cc -lcrypto -lpthread
~/c-tests/openssl$ lsb_release -rd
Description: Ubuntu 10.04.3 LTS
Release: 10.04
~/c-tests/openssl$ apt-cache policy libssl-dev
libssl-dev:
Installed: 0.9.8k-7ubuntu8.8
Candidate: 0.9.8k-7ubuntu8.8
Version table:
*** 0.9.8k-7ubuntu8.8 0
500 http://
500 http://
100 /var/lib/
0.
500 http://
| Mikhail Kulinich (tysonite) wrote | #1 |
| Maarten Bezemer (veger) wrote | #2 |
| Changed in openssl (Ubuntu): | |
| status: | New → Incomplete |
| Launchpad Janitor (janitor) wrote | #3 |
| Changed in openssl (Ubuntu): | |
| status: | Incomplete → Expired |
Thank you for taking the time to report this bug and helping to make Ubuntu better. We are sorry that we do not always have the capacity to look at all reported bugs in a timely manner. There have been many changes in Ubuntu since that time you reported the bug and your problem may have been fixed with some of the updates.
I tried your test case with openssl 1.0.1-4ubuntu5 and it did not give any problems:
$ ./d2i
In main: creating thread 0
In main: creating thread 1
In main: creating thread 2
In main: creating thread 3
In main: creating thread 4
It would help us a lot if you could test it using a newer version of openssl to see whether it also solves your problems. When you test it and it is still an issue, kindly upload the updated logs by running apport-collect 942060 and any other logs that are relevant for this particular issue.