Segfault in libgcrypt
Ian Goldberg
ian at cypherpunks.ca
Fri Oct 7 19:13:42 CEST 2005
I've encountered a segfault in libgcrypt. If you create an mpi by doing
gcry_mpi_scan with a format of GCRYMPI_FMT_USG and a length of 0, that
mpi ends up having no limbs (which is technically correct, for an mpi
with value 0), but then some functions (like gcry_mpi_cmp_ui) try to
access them anyway, causing a segfault.
For example:
#include <stdio.h>
#include <gcrypt.h>

int main(int argc, char **argv)
{
    gcry_mpi_t good_zero, bad_zero;
    unsigned char zerobuf[1] = { 0x00 };

    /* Make a "good" MPI with value 0 */
    gcry_mpi_scan(&good_zero, GCRYMPI_FMT_USG, zerobuf, 1, NULL);
    /* Compare it to a ui */
    printf("Result of comparing with 2: %d\n",
           gcry_mpi_cmp_ui(good_zero, 2));

    /* Make a "bad" MPI with value 0 */
    gcry_mpi_scan(&bad_zero, GCRYMPI_FMT_USG, zerobuf, 0, NULL);
    /* Compare it to a ui */
    printf("Result of comparing with 2: %d\n",
           gcry_mpi_cmp_ui(bad_zero, 2));

    return 0;
}
Outputs:
Result of comparing with 2: -1
Segmentation fault
This is an issue when you're parsing messages in a protocol that look
like an mpi length, followed by data. If a length of 0 gets passed, to
indicate a value of 0, you end up with one of these "bad" mpis.
- Ian
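The post shows that scanning a one-byte 0x00 buffer with length 1 yields a usable zero MPI, while length 0 yields one with no limbs. The parser below is an added example, not code from the post or from libgcrypt: it reads "length, data" fields from a message, rejects lengths that overrun the buffer, and normalizes a zero-length field to a single 0x00 byte so that any later gcry_mpi_scan call always receives len >= 1. The 4-byte big-endian length prefix, the sample messages and the function names are assumptions made for the example; the post does not specify a wire format.

```c
#include <stdint.h>
#include <stddef.h>

/* One parsed field: a pointer into the message plus its length.
 * The caller would pass data/len straight to
 * gcry_mpi_scan(&m, GCRYMPI_FMT_USG, data, len, NULL). */
typedef struct {
    const unsigned char *data;
    size_t len;
} mpi_field;

/* A zero-length field is redirected here, so the scanned MPI has a limb
 * (the "good" zero from the post) instead of none (the "bad" zero). */
static const unsigned char canonical_zero[1] = { 0x00 };

/* Parse one field at *pos: 4-byte big-endian length (assumed format),
 * then that many data bytes. Returns 0 on success and advances *pos;
 * returns -1 on truncated or malformed input without touching *out. */
int parse_mpi_field(const unsigned char *msg, size_t msg_len,
                    size_t *pos, mpi_field *out)
{
    if (msg == NULL || pos == NULL || out == NULL) return -1;
    if (*pos > msg_len || msg_len - *pos < 4) return -1; /* no room for prefix */

    uint32_t len = ((uint32_t)msg[*pos] << 24) | ((uint32_t)msg[*pos + 1] << 16)
                 | ((uint32_t)msg[*pos + 2] << 8) | (uint32_t)msg[*pos + 3];
    size_t start = *pos + 4;

    if (len > msg_len - start) return -1; /* length claims bytes not present */

    if (len == 0) {
        out->data = canonical_zero;       /* value 0, but with one byte to scan */
        out->len = 1;
    } else {
        out->data = msg + start;
        out->len = len;
    }
    *pos = start + len;
    return 0;
}

/* Constructed sample: fields of length 2 {01 02}, length 0, length 1 {ff}. */
static const unsigned char sample_msg[] = {
    0x00, 0x00, 0x00, 0x02, 0x01, 0x02,
    0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x01, 0xff
};

/* Constructed sample: claims 8 data bytes but only carries 2. */
static const unsigned char truncated_msg[] = { 0x00, 0x00, 0x00, 0x08, 0xaa, 0xbb };

/* Parse every field of sample_msg into fields[]; returns the count or -1. */
int parse_sample(mpi_field *fields, size_t max_fields)
{
    size_t pos = 0, n = 0;
    while (pos < sizeof sample_msg) {
        if (n >= max_fields) return -1;
        if (parse_mpi_field(sample_msg, sizeof sample_msg, &pos, &fields[n]) != 0)
            return -1;
        n++;
    }
    return (int)n;
}

/* Length handed to gcry_mpi_scan for sample field i, or -1 on error. */
int sample_field_len(size_t i)
{
    mpi_field fs[4];
    int n = parse_sample(fs, 4);
    if (n < 0 || i >= (size_t)n) return -1;
    return (int)fs[i].len;
}

/* First data byte of sample field i, or -1 on error. */
int sample_field_first_byte(size_t i)
{
    mpi_field fs[4];
    int n = parse_sample(fs, 4);
    if (n < 0 || i >= (size_t)n) return -1;
    return fs[i].data[0];
}

/* Result of parsing the truncated message: expected -1 (rejected). */
int parse_truncated(void)
{
    size_t pos = 0;
    mpi_field f;
    return parse_mpi_field(truncated_msg, sizeof truncated_msg, &pos, &f);
}
```

The second sample field (the zero-length one) comes back with len 1 pointing at canonical_zero, so feeding it to gcry_mpi_scan produces the same kind of MPI as the "good" zero in the post; the truncated message is rejected before any length is trusted. This only works around the reported behaviour at the parser boundary; the fix inside libgcrypt is a separate matter.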