Crashes with segmentation fault operating asn1_meth_table

Bug #972783 reported by Märt Põder on 2012-04-03
This bug affects 4 people
Affects: openssl (Ubuntu)
Importance: High
Assigned to: Unassigned

Bug Description

Trying to update Server Access Certificate with DigiDoc client for Estonian ID cards crashes implicating an OpenSSL problem.

The problem has been there from OpenSSL 1.0.0, but does not happen using OpenSSL 0.9.8.

Debugging with Valgrind gives a variety of:

Invalid free() / delete / delete[] / realloc()
Invalid write of size n
Invalid read of size n

The context is:

==5779== at 0x402B06C: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==5779== by 0x6A818C9: CRYPTO_free (mem.c:393)
==5779== by 0x6AEB82A: engine_free_util (eng_lib.c:136)
==5779== by 0x6AEC798: engine_unlocked_finish (eng_init.c:112)
==5779== by 0x6AED607: engine_table_register (eng_table.c:178)
==5779== by 0x6AEFC7A: ENGINE_set_default_pkey_asn1_meths (tb_asnmth.c:106)
==5779== by 0x6AEE3B7: ENGINE_set_default (eng_fat.c:96)

I'm currently testing it on Ubuntu 12.04 beta 2 with

* opensc 0.12.1-1ubuntu4
* libssl1.0.0 1.0.1-2ubuntu4
* qdigidoc 0.4.0-0ubuntu4

The problem has also been tested on Oneiric and discussed at some length at: http://code.google.com/p/esteid/issues/detail?id=168

I also attach some debug logs.

Märt Põder (boamaod) wrote :
Martin-Éric Racine (q-funk) wrote :

Setting severity to High, as this works fine on other distributions featuring the same upstream versions of the dependencies.

Changed in openssl (Ubuntu):
importance: Undecided → Medium
importance: Medium → High
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in openssl (Ubuntu):
status: New → Confirmed
Märt Põder (boamaod) wrote :

The new OpenSSL 1.0.1-4ubuntu1 didn't change the situation.

Colin Watson (cjwatson) wrote :

The linked esteid bug only mentions success on Fedora, and an unspecified version. Exactly what other distributions and versions of OpenSSL has this been verified on either way? Does it happen using the current OpenSSL packages in Debian unstable? Does it happen using unpatched OpenSSL upstream source with the same compiler flags as used in Debian?

Märt Põder (boamaod) wrote :

I confirm that the bug occurs on Debian unstable with the latest packages, including openssl 1.0.1a-3.
