segfault calling gcry_mpi_powm

Werner Koch wk at
Fri Jan 15 15:28:32 CET 2021

On Mon, 11 Jan 2021 05:05, Stef Bon said:
> #3  0x00007f6f12a0feeb in _gcry_mpi_powm (res=0x7f6f0c00c5c8,
> base=<optimized out>, expo=<optimized out>, mod=<optimized out>) at
> mpi-pow.c:744

This is

    for (i = 0; i < (1 << (W - 1)); i++)
      _gcry_mpi_free_limb_space( precomp[i], esec ? precomp_size[i] : 0 );
    _gcry_mpi_free_limb_space (base_u, esec ? max_u_size : 0);

and not easy to decide what's going wrong with this internally allocated
memory.  We need to replicate the problem, for example by printing the
inpurt values to mpi_powm as called here

> #5  0x00005613647db46b in dh_create_local_key (k=0x7f6f11a5c6f0) at
> ssh/keyexchange/dh.c:350

and writing a simple test program.  Use
gcry_log_debugmpi ("Some text", MPI).

But what I would do first is to run valgrind on your program.  Usually
if quickly pinpoints the faulty code.

> Now something is getting more clear. Is it possible that the
> _gcry_free function assumes it is dealing with secure memory?

Can't tell



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gcrypt-devel mailing list