
segfault calling gcry_mpi_powm
Hi,

I'm dealing with a serious problem. My program is running into a
segfault, and I cannot solve that. I've been looking at it for more
than a week, and do not know why it segfaults.

I'm using gcry_mpi_powm to calculate the "e", "f" and shared key in
Diffie-Hellman key exchange.

a. The values p, g, x, e and f (all of type gcry_mpi_t) are initialized
with gcry_mpi_new(0).

b. p and g are set to fixed values, read from hardcoded values using
gcry_mpi_scan with format GCRYMPI_FMT_USG.

c. x is set using gcry_mpi_randomize.

d. e is calculated like: gcry_mpi_powm(e, g, x, p)

now the journal entries look like:

Jan 05 05:30:36 ws-001.bononline.nl kernel: traps: sonssc[6198] general protection fault ip:7fa60c1e4359 sp:7fa60afbaa10 error:0 in libc-2.32.so[7fa60c183000+148000]
Jan 05 05:30:36 ws-001.bononline.nl systemd[1]: Created slice system-systemd\x2dcoredump.slice.
Jan 05 05:30:36 ws-001.bononline.nl systemd[1]: Started Process Core Dump (PID 6212/UID 0).
Jan 05 05:30:36 ws-001.bononline.nl systemd-coredump[6213]: [?] Process 6196 (sonssc) of user 0 dumped core.

Stack trace of thread 6198:
#0  0x00007fa60c1e4359 n/a (libc.so.6 + 0x83359)
#1  0x00007fa60c6a7395 n/a (libgcrypt.so.20 + 0x10395)
#2  0x00007fa60c76910b n/a (libgcrypt.so.20 + 0xd210b)
#3  0x00005587f4b22ad4 n/a (/home/sbon/Projects/fuse/fs-workspace/src/sonssc + 0x42ad4)
#4  0x87fc013cf9521000 n/a (n/a + 0x0)

and gdb backtrace looks like:

Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f20b7e5f359 in ?? () from /lib64/libc.so.6
[Current thread is 1 (Thread 0x7f20b6c37640 (LWP 15027))]
(gdb) bt
#0 0x00007f20b7e5f359 in () at /lib64/libc.so.6
#1 0x00007f20b8322395 in () at /usr/lib64/libgcrypt.so.20
#2 0x00007f20b83e410b in () at /usr/lib64/libgcrypt.so.20
#3 0x000055e95c8bbad4 in dh_create_local_key (k=0x7f20b6c36730) at
ssh/keyexchange/dh.c:350
#4 0x000055e95c8bc939 in start_diffiehellman_client
(connection=0x7f20a40021c0, k=0x7f20b6c36730, H=0x7f20b6c36100) at
ssh/keyexchange/key-exchange.c:389

I'm stuck here. Can somebody help me here?

Thanks in advance,

Stef Bon
the Netherlands

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
Re: segfault calling gcry_mpi_powm
Hi,

I'm still busy tracking this segfault.
I've compiled the latest git version of libgcrypt, installed it in
/home/sbon/usr, added some debug flags, and made sonssc link against it.
Again the same segfault, but now with more information:

The coredump in gdb gives:

(gdb) bt
#0 0x00007f6f1245d489 in () at /lib64/libc.so.6
#1 0x00007f6f1294a9d5 in _gcry_free (p=0x7f6f0c001458) at global.c:1035
#2 0x00007f6f12a138bf in _gcry_mpi_free_limb_space (a=<optimized
out>, nlimbs=<optimized out>) at mpiutil.c:158
#3 0x00007f6f12a0feeb in _gcry_mpi_powm (res=0x7f6f0c00c5c8,
base=<optimized out>, expo=<optimized out>, mod=<optimized out>) at
mpi-pow.c:744
#4 0x00007f6f12946db5 in gcry_mpi_powm (w=<optimized out>,
b=<optimized out>, e=<optimized out>, m=<optimized out>) at
visibility.c:460
#5 0x00005613647db46b in dh_create_local_key (k=0x7f6f11a5c6f0) at
ssh/keyexchange/dh.c:350
#6 0x00005613647dc2b5 in start_diffiehellman_client
(connection=connection@entry=0x7f6f0c002340, k=k@entry=0x7f6f11a5c6f0,
H=H@entry=0x7f6f11a5c130)
at ssh/keyexchange/key-exchange.c:390

Now something is getting more clear. Is it possible that the
_gcry_free function assumes it is dealing with secure memory?

Stef

Re: segfault calling gcry_mpi_powm
On Mon, 11 Jan 2021 05:05, Stef Bon said:
> #3 0x00007f6f12a0feeb in _gcry_mpi_powm (res=0x7f6f0c00c5c8,
> base=<optimized out>, expo=<optimized out>, mod=<optimized out>) at
> mpi-pow.c:744

This is

    for (i = 0; i < (1 << (W - 1)); i++)
      _gcry_mpi_free_limb_space( precomp[i], esec ? precomp_size[i] : 0 );
    _gcry_mpi_free_limb_space (base_u, esec ? max_u_size : 0);

and it is not easy to decide what's going wrong with this internally allocated
memory. We need to replicate the problem, for example by printing the
input values to mpi_powm as called here

> #5 0x00005613647db46b in dh_create_local_key (k=0x7f6f11a5c6f0) at
> ssh/keyexchange/dh.c:350

and writing a simple test program. Use
gcry_log_debugmpi ("Some text", MPI).

But what I would do first is to run valgrind on your program. Usually
it quickly pinpoints the faulty code.

> Now something is getting more clear. Is it possible that the
> _gcry_free function assumes it is dealing with secure memory?

Can't tell.


Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Re: segfault calling gcry_mpi_powm
Hi,

The program is doing something that is hard to trace with gdb. GDB
shows the trace, but it does not happen there. It has to do with
memory allocated in a way causing this, and I cannot find it.
In the meantime I've solved this issue where it looks as if it crashes
when calling gcry_mpi_powm, but I'm now stuck somewhere else.
This gives me hope that I can solve something, but I'm still not able to make
it run and stay that way.

I will try valgrind.

thanks,

Stef Bon
the Netherlands

Re: segfault calling gcry_mpi_powm
Hi,

I've solved the issue. It was indeed something I suspected: something
else was not allocated the right way, and later somewhere in the
process this causes errors.
The place where it segfaults is not related to the bug.

Anyway, it's running again. Thanks for your time and effort,

Stef Bon
The Netherlands
