[gnutls-dev] gnutls_free_dh_info

Paul Querna chip at outoforder.cc
Thu Apr 21 03:21:41 CEST 2005


Hello,

I am the developer of mod_gnutls for Apache, and I recently upgraded to
1.2.1 from 1.2.0.

It looks like _gnutls_free_auth_info was changed to call
_gnutls_free_dh_info and _gnutls_free_rsa_info.  These are attempting to
free() data wrongly for me.

Backtrace:
#0  0x402ca354 in mallopt () from /lib/libc.so.6
#1  0x402c915f in free () from /lib/libc.so.6
#2  0x404c16c3 in _gnutls_free_datum_m (dat=0x821d950,
gfree_func=0x80601ac <free>) at gnutls_datum.c:100
#3  0x404d8af1 in _gnutls_free_dh_info (dh=0x821d93c) at auth_dh_common.c:49
#4  0x404c2fd1 in _gnutls_unpack_certificate_auth_info (info=0x821d938,
packed_session=0xbefff654) at gnutls_session_pack.c:407
#5  0x404c2bde in _gnutls_session_unpack (session=0x8252508,
packed_session=0xbefff654) at gnutls_session_pack.c:286
#6  0x404bd48a in gnutls_session_set_data (session=0x8252508,
session_data=0x825bda0, session_data_size=801) at gnutls_session.c:137
#7  0x404bd986 in _gnutls_server_restore_session (session=0x8252508,
session_id=0x825bb1b
"É7>f\034¹\237\231ö°Êlð±\"Ä\222½Aõ¢æk\f\235\177qRè.\211f",
    session_id_size=32) at gnutls_db.c:254
#8  0x404b1c51 in _gnutls_read_client_hello (session=0x8252508,
data=0x825baf8 "\003\002BfùáöÎÞ", datalen=150) at gnutls_handshake.c:322
#9  0x404b5255 in _gnutls_recv_hello (session=0x8252508, data=0x825baf8
"\003\002BfùáöÎÞ", datalen=150) at gnutls_handshake.c:1807
#10 0x404b3702 in _gnutls_recv_handshake (session=0x8252508, data=0x0,
datalen=0x0, type=GNUTLS_CLIENT_HELLO, optional=MANDATORY_PACKET)
    at gnutls_handshake.c:1104
#11 0x404b6288 in _gnutls_handshake_server (session=0x8252508) at
gnutls_handshake.c:2239
#12 0x404b5411 in gnutls_handshake (session=0x8252508) at
gnutls_handshake.c:1962
#13 0x4049058e in gnutls_do_handshake (ctxt=0x824d518) at gnutls_io.c:366
#14 0x40490948 in mod_gnutls_filter_input (f=0x82515a0, bb=0x8253e98,
mode=AP_MODE_GETLINE, block=APR_BLOCK_READ, readbytes=0) at gnutls_io.c:442
#15 0x0807cd63 in ap_get_brigade (next=0x82515a0, bb=0x4659a318,
mode=1180279576, block=1180279576, readbytes=136436216) at util_filter.c:489
#16 0x0807cd63 in ap_get_brigade (next=0x8253e38, bb=0x4659a318,
mode=1180279576, block=1180279576, readbytes=136436216) at util_filter.c:489
#17 0x08066d1e in ap_rgetline_core (s=0x8253070, n=8192,
read=0xbefff980, r=0x8253058, fold=0, bb=0x8253e98) at protocol.c:215
#18 0x08067297 in read_request_line (r=0x8253058, bb=0x8253e98) at
protocol.c:580
#19 0x08067a61 in ap_read_request (conn=0x82373f8) at protocol.c:872
#20 0x0807d248 in ap_process_http_connection (c=0x82373f8) at
http_core.c:165
#21 0x08079eb5 in ap_run_process_connection (c=0x82373f8) at connection.c:43
#22 0x08083a51 in process_socket (p=0x8237210, sock=0x8237248,
my_child_num=1043843360, my_thread_num=1180279576,
bucket_alloc=0x4659a318) at worker.c:521
#23 0x0808422a in worker_thread (thd=0x4659a318, dummy=0x4659a318) at
worker.c:859
#24 0x401be466 in dummy_worker (opaque=0x4659a318) at
threadproc/unix/thread.c:138
#25 0x40209e51 in pthread_start_thread () from /lib/libpthread.so.0
#26 0x40209ecf in pthread_start_thread_event () from /lib/libpthread.so.0
#27 0x4032f92a in clone () from /lib/libc.so.6


I have had time to look at how to fix this, but I was wondering if this
was a known problem?

On a side note, I have Server Name Indication for TLS 1.1 working in my
development tree, and I hope to release a version of mod_gnutls that
supports this sometime this coming weekend.

Thanks,

-Paul Querna
