[sr #107730] certtool --generate-certificate segfaults

Petr Pisar INVALID.NOREPLY at gnu.org
Wed Jun 29 22:44:53 CEST 2011 

URL:
  <http://savannah.gnu.org/support/?107730>

                 Summary: certtool --generate-certificate segfaults
                 Project: GnuTLS
            Submitted by: petrp
            Submitted on: Wed 29 Jun 2011 08:44:53 PM GMT
                Category: None
                Priority: 5 - Normal
                Severity: 3 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
        Operating System: None

    _______________________________________________________

Details:

When signing certificate request by CA, certtool (from git HEAD) segfaults:

Starting program: /tmp/gnutls-devel/src/.libs/certtool --generate-certificate
--hash SHA256 --bits 2048 --load-ca-privkey
/home/petr/projekty/libisds/libisds-devel/server/tls/ca.key
--load-ca-certificate
/home/petr/projekty/libisds/libisds-devel/server/tls/ca.cert --load-request
pisar-q.req --outfile pisar-q.crt
[Thread debugging using libthread_db enabled]
Generating a signed certificate...

[...]

Signing certificate...

Program received signal SIGSEGV, Segmentation fault.
0xb7f46de2 in gnutls_privkey_deinit (key=0x0) at gnutls_privkey.c:272
272       if (key->flags & GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE)
(gdb) bt full
#0  0xb7f46de2 in gnutls_privkey_deinit (key=0x0) at gnutls_privkey.c:272
No locals.
#1  0x0804e463 in generate_signed_certificate (cinfo=0xbfffea28)
    at certtool.c:910
        crt = 0x80780e0
        key = 0x0
        size = 1200
        result = 0
        ca_key = 0x8080708
        ca_crt = 0x8077ad8
#2  0x0804ed96 in gaa_parser (argc=14, argv=0xbfffeb14) at certtool.c:1131
        ret = 0
        cinfo = {secret_key = 0x0, privkey = 0x0, pubkey = 0x0, pkcs8 = 0, 
          incert_format = 1, cert = 0x0, request = 0xbfffee2d "pisar-q.req", 
          ca = 0xbfffede1
"/home/petr/projekty/libisds/libisds-devel/server/tls/ca.cert", 
          ca_privkey = 0xbfffed8f
"/home/petr/projekty/libisds/libisds-devel/server/tls/ca.key"}
#3  0x0804c88d in main (argc=14, argv=0xbfffeb14) at certtool.c:102
No locals.

It tries to deinitialize private key from request that's NULL because request
does not contain private key usually.




    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?107730>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

More information about the Gnutls-devel mailing list