
[openssl.org #1264] OpenSSL-0.9.8a SIGSEGV in bn_mul_add_words()


via RT, Jan 4, 2006, 4:01:58 AM

I tried to compile 0.9.8a on a Redhat 6.2 box. I get this:

> LD_LIBRARY_PATH=/usr/src/redhat/BUILD/openssl-0.9.8a gdb test/rsa_test
GNU gdb 19991004
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...
(gdb) run
Starting program: /usr/src/redhat/BUILD/openssl-0.9.8a/test/rsa_test

Program received signal SIGSEGV, Segmentation fault.
0x400c40f1 in bn_mul_add_words () from /usr/src/redhat/BUILD/openssl-0.9.8a/libcrypto.so.6
(gdb) bt
#0 0x400c40f1 in bn_mul_add_words () from /usr/src/redhat/BUILD/openssl-0.9.8a/libcrypto.so.6
#1 0x10 in ?? ()
Cannot access memory at address 0xbeb74600

I tried to add -g in the gcc options, but I still don't get any more
detailed backtrace.

OpenSSL 0.9.8a 11 Oct 2005
built on: Mon Jan 2 10:20:09 EET 2006
options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx)
compiler: gcc -g -I/scratch/linux/zlib-1.2.3 -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -D HAVE_DLFCN_H -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DL_ENDIAN -DTERMIO -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM

This happens with both gcc gcc-2.96-112.7.1 and gcc 3.3.

It happens on a Pentium 3 box and on a Pentium 75.

Also, if I compile openssh against that openssl version, I get

> gdb /usr/sbin/sshd
GNU gdb 19991004
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...(no debugging symbols found)...
(gdb) run
Starting program: /usr/sbin/sshd
(no debugging symbols found)...
Program received signal SIGSEGV, Segmentation fault.
0x808f971 in BN_pseudo_rand ()
(gdb) bt
#0 0x808f971 in BN_pseudo_rand ()
Cannot access memory at address 0xbb913da
(gdb) quit

Some of the functions run fine, for example "openssl speed aes".

Openssl-0.9.8a compiled on a Fedora Core box with gcc-4.1.0-0.12 appears to
run just fine.

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List opens...@openssl.org
Automated List Manager majo...@openssl.org

via RT, Jan 4, 2006, 4:03:06 AM

[guest - Wed Jan 4 10:01:33 2006]:

Oh, and make test fails at:

(...)
../util/shlib_wrap.sh ./casttest
ecb cast5 ok
This test will take some time....123456789ABCDEF ok
../util/shlib_wrap.sh ./randtest
test 1 done
test 2 done
test 3 done
test 4 done
starting big number library test, could take a while...
test BN_add
test BN_sub
test BN_lshift1
test BN_lshift (fixed)
test BN_lshift
test BN_rshift1
test BN_rshift
test BN_sqr
make[1]: *** [test_bn] Error 139
make[1]: Leaving directory `/usr/src/redhat/BUILD/openssl-0.9.8a/test'
make: *** [tests] Error 2

Could this be related to the BN_add problem with older gcc that was reported in
http://marc.theaimsgroup.com/?l=openssl-dev&m=113475981017499&w=2

via RT, Jan 4, 2006, 4:03:45 AM

I rebuilt everything from scratch (tar ball taken from openssl.org, not from
redhat), and this time I don't get the error. I went through the redhat
patches a couple of times, most of them are configuration file changes or
patches to other archs - I really couldn't find anything remotely relevant.
It may be the difference between the redhat Configure options and the ones I
chose when building from scratch.

When the error happened, -O2/-O3/-g made no difference, though.

Weird.

via RT, Jan 4, 2006, 4:30:38 AM

Now I was able to reproduce this with virgin openssl.org tarball:

tar xzf /scratch/linux/openssl-0.9.8a.tar.gz
cd openssl-0.9.8a

=======================================================
./Configure \
--prefix=/usr --openssldir=/etc/pki/tls \
zlib no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa shared no-krb5 \
\
linux-elf

make clean depend ; make

cd test; make test_bn; cd ..


starting big number library test, could take a while...
test BN_add
test BN_sub
test BN_lshift1
test BN_lshift (fixed)
test BN_lshift
test BN_rshift1
test BN_rshift
test BN_sqr

make: *** [test_bn] Error 139
=======================================================

(And all the other failures I mentioned before).

I tried this procedure with gcc-2.96-112.7.1 and gcc-3.3 on the RH62
box. Both fail.

What is weird is that with
./Configure \
--prefix=/usr --openssldir=/etc/pki/tls \
zlib no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa no-shared no-krb5 \
\
\
linux-elf

it does NOT fail with either compiler.

So the difference is no-shared vs. shared.

Please Cc: v...@iki.fi if you need more information.
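
Added example, not part of the original thread or of OpenSSL: a small shell triage helper for the kind of make test log quoted above. It reports the first failing target, decodes make's "Error 139" as 128 + signal 11, and names the last test announced before the abort. The function names and the embedded sample (copied from the output in this thread) are constructed for illustration.

```shell
#!/bin/sh
# Triage a `make test` log: report the first failing target, decode make's
# "Error N" (N > 128 means the recipe's shell saw a child die from signal
# N - 128), and name the last test announced before the abort.

# Constructed sample: tail of the test_bn output quoted in this thread.
SAMPLE_LOG='test BN_rshift
test BN_sqr
make[1]: *** [test_bn] Error 139
make: *** [tests] Error 2'

# decode_status N -> "signal NAME" for N > 128, otherwise "exit N".
decode_status() {
    if [ "$1" -gt 128 ]; then
        sig=$(( $1 - 128 ))
        # kill -l NUM prints the signal name without the SIG prefix.
        name=$(kill -l "$sig" 2>/dev/null) || name="#$sig"
        echo "signal $name"
    else
        echo "exit $1"
    fi
}

# first_failure: stdin is a make log; prints "<target> <status> <last test>".
first_failure() {
    awk '
        /^test / { last = substr($0, 6) }      # "test BN_sqr" -> "BN_sqr"
        / \*\*\* \[.*\] Error [0-9]+$/ {
            target = $0
            sub(/^.*\[/, "", target)           # drop everything up to "["
            sub(/\].*$/, "", target)           # drop "]" and the rest
            print target, $NF, last
            exit                               # innermost failure is logged first
        }'
}

# triage: stdin is a make log; prints a one-line summary.
triage() {
    first_failure | {
        if read -r target status last; then
            echo "$target: $(decode_status "$status"), last announced: test $last"
        else
            echo "no failing target in log"
        fi
    }
}

printf '%s\n' "$SAMPLE_LOG" | triage
```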
