[gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Fri Jan 6 21:33:06 CET 2023
Biswapriyo Nath created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1446
## Description of problem:
gnutls-cli command crashes with segmentation fault.
## Version of gnutls used:
3.7.8
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
* Windows 10 build 19045
* msys2/mingw-w64
* gcc version 12.2.0 targeting x86_64-w64-mingw32
* Build command can be found in this file https://github.com/msys2/MINGW-packages/blob/master/mingw-w64-gnutls/PKGBUILD
* With some patches from here https://github.com/msys2/MINGW-packages/tree/master/mingw-w64-gnutls
## How reproducible:
Steps to Reproduce:
* Run this command after compiling `gnutls-cli -d 1 imap.gmail.com -p 993`
## Actual results:
gnutls-cli command crashes with segmentation fault.
* Here is the output:
```
$ ./ucrt64/bin/gnutls-cli -d 1 imap.gmail.com -p 993
|<1>| There was a non-CA certificate in the trusted list: CN=y.
|<1>| There was a non-CA certificate in the trusted list: OU=Copyright (c) 1997 Microsoft Corp.,OU=Microsoft Corporation
,CN=Microsoft Root Authority.
|<1>| There was a non-CA certificate in the trusted list: C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority.
|<1>| There was a non-CA certificate in the trusted list: CN=DESKTOP-IEGKK8M.
|<1>| There was a non-CA certificate in the trusted list: CN=Root Agency.
Processed 37 CA certificate(s).
Resolving 'imap.gmail.com:993'...
Connecting to '172.217.194.109:993'...
Segmentation fault
```
* Here is the backtrace from gdb:
```
Thread 1 received signal SIGSEGV, Segmentation fault.
0x00007ff6eed016da in system_write (ptr=0x3, data=0x223b158940b, data_size=396) at ../../gnutls-3.7.8/src/common.h:128
128 return send(hd->fd, data, data_size, 0);
(gdb) bt
#0 0x00007ff6eed016da in system_write (ptr=0x3, data=0x223b158940b, data_size=396) at ../../gnutls-3.7.8/src/common.h:128
#1 0x00007ffeb4445c59 in _gnutls_writev_emu (session=0x223b15844b0, fd=0x3, giovec=0xbb28ffcc90, giovec_cnt=1, vec=0) at ../../gnutls-3.7.8/lib/buffers.c:450
#2 0x00007ffeb4445e4d in _gnutls_writev (session=0x223b15844b0, giovec=0xbb28ffcc90, giovec_cnt=1, total=396) at ../../gnutls-3.7.8/lib/buffers.c:506
#3 0x00007ffeb4446622 in _gnutls_io_write_flush (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/buffers.c:700
#4 0x00007ffeb4446db0 in _gnutls_handshake_io_write_flush (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/buffers.c:839
#5 0x00007ffeb444da0d in _gnutls_send_handshake2 (session=0x223b15844b0, bufel=0x223b1588210, type=GNUTLS_HANDSHAKE_CLIENT_HELLO, queue_only=0) at ../../gnutls-3.7.8/lib/handshake.c:1450
#6 0x00007ffeb444d4ed in _gnutls_send_handshake (session=0x223b15844b0, bufel=0x223b1588210, type=GNUTLS_HANDSHAKE_CLIENT_HELLO) at ../../gnutls-3.7.8/lib/handshake.c:1287
#7 0x00007ffeb4451026 in send_client_hello (session=0x223b15844b0, again=0) at ../../gnutls-3.7.8/lib/handshake.c:2357
#8 0x00007ffeb4452a05 in handshake_client (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/handshake.c:3052
#9 0x00007ffeb445248c in gnutls_handshake (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/handshake.c:2884
#10 0x00007ff6eed055bd in do_handshake (rpl_socket=0xbb28ffe700) at ../../gnutls-3.7.8/src/cli.c:1855
#11 0x00007ff6eed0c79c in socket_open2 (hd=0xbb28ffe700, hostname=0x223af8851b0 "imap.gmail.com", service=0x7ff6eed35080 <service> "993", app_proto=0x0, flags=64, msg=0x7ff6eed2893b "Connecting to", rdata=0x0, edata=0x0, server_trace=0x0, client_trace=0x0) at ../../gnutls-3.7.8/src/socket.c:602
#12 0x00007ff6eed04347 in main (argc=6, argv=0x223af8729f0) at ../../gnutls-3.7.8/src/cli.c:1371
```
## Expected results:
After reverting the src/common.h hunk from this commit https://gitlab.com/gnutls/gnutls/-/commit/20f993aca3c08a779cd350bf2093d01a6309a32e, the program is working as expected.
* Here is the correct output:
```
$ ./ucrt64/bin/gnutls-cli -d 1 imap.gmail.com -p 993
|<1>| There was a non-CA certificate in the trusted list: CN=y.
|<1>| There was a non-CA certificate in the trusted list: OU=Copyright (c) 1997 Microsoft Corp.,OU=Microsoft Corporation
,CN=Microsoft Root Authority.
|<1>| There was a non-CA certificate in the trusted list: C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority.
|<1>| There was a non-CA certificate in the trusted list: CN=DESKTOP-IEGKK8M.
|<1>| There was a non-CA certificate in the trusted list: CN=Root Agency.
Processed 37 CA certificate(s).
Resolving 'imap.gmail.com:993'...
Connecting to '172.217.194.109:993'...
- Certificate type: X.509
- Got a certificate list of 3 certificates.
- Certificate[0] info:
...
...
goes on...
```
Previously reported here https://github.com/msys2/MINGW-packages/issues/14739
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20230106/7ac11def/attachment-0001.html>
More information about the Gnutls-devel
mailing list