<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">
<title>
GitLab
</title>


<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">

<p style="color: #777777;">
<a href="https://gitlab.com/dkg">Daniel Kahn Gillmor</a>
<a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1428#note_643275026">commented</a>:
</p>
<div style="">
<p dir="auto">hm, the UB+ASAN-Werror test run failed with this information:</p>
<pre class="code highlight js-syntax-highlight language-plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">testing 16 bytes from '/builds/dkg/gnutls/fuzz/gnutls_private_key_parser_fuzzer.in/10a5c92fa30ddb6cbb4286d7699b2b7a7e032b17'</span>
<span id="LC2" class="line" lang="plaintext">common.c:633:2: runtime error: null pointer passed as argument 2, which is declared to never be null</span>
<span id="LC3" class="line" lang="plaintext">    #0 0x7f0369db2ea4 in _gnutls_x509_decode_string /builds/dkg/gnutls/lib/x509/common.c:633</span>
<span id="LC4" class="line" lang="plaintext">    #1 0x7f0369db5121 in _gnutls_x509_read_string /builds/dkg/gnutls/lib/x509/common.c:803</span>
<span id="LC5" class="line" lang="plaintext">    #2 0x7f0369e47024 in _decode_pkcs8_modern_ecdh_key /builds/dkg/gnutls/lib/x509/privkey_pkcs8.c:1159</span>
<span id="LC6" class="line" lang="plaintext">    #3 0x7f0369e47024 in decode_private_key_info /builds/dkg/gnutls/lib/x509/privkey_pkcs8.c:1518</span>
<span id="LC7" class="line" lang="plaintext">    #4 0x7f0369e4fd40 in gnutls_x509_privkey_import_pkcs8 /builds/dkg/gnutls/lib/x509/privkey_pkcs8.c:1636</span>
<span id="LC8" class="line" lang="plaintext">    #5 0x7f0369e3bc87 in gnutls_x509_privkey_import /builds/dkg/gnutls/lib/x509/privkey.c:584</span>
<span id="LC9" class="line" lang="plaintext">    #6 0x402497 in LLVMFuzzerTestOneInput /builds/dkg/gnutls/fuzz/gnutls_private_key_parser_fuzzer.c:39</span>
<span id="LC10" class="line" lang="plaintext">    #7 0x402992 in test_single_file /builds/dkg/gnutls/fuzz/main.c:68</span>
<span id="LC11" class="line" lang="plaintext">    #8 0x402b36 in test_all_from /builds/dkg/gnutls/fuzz/main.c:93</span>
<span id="LC12" class="line" lang="plaintext">    #9 0x402de6 in main /builds/dkg/gnutls/fuzz/main.c:130</span>
<span id="LC13" class="line" lang="plaintext">    #10 0x7f03689a5b74 in __libc_start_main (/lib64/libc.so.6+0x27b74)</span>
<span id="LC14" class="line" lang="plaintext">    #11 0x4022dd in _start (/builds/dkg/gnutls/fuzz/.libs/lt-gnutls_private_key_parser_fuzzer+0x4022dd)</span>
<span id="LC15" class="line" lang="plaintext"></span>
<span id="LC16" class="line" lang="plaintext">FAIL gnutls_private_key_parser_fuzzer (exit status: 1)</span></code></pre>
<p dir="auto">That file contains the following 16 octets:</p>
<pre class="code highlight js-syntax-highlight language-plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">00000000  30 0e 02 01 00 30 05 06  03 2b 65 6e 04 02 24 fa  |0....0...+en..$.|</span>
<span id="LC2" class="line" lang="plaintext">00000010</span></code></pre>
<p dir="auto">which in ASN1 is:</p>
<pre class="code highlight js-syntax-highlight language-plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">  0  14: SEQUENCE {</span>
<span id="LC2" class="line" lang="plaintext">  2   1:   INTEGER 0</span>
<span id="LC3" class="line" lang="plaintext">  5   5:   SEQUENCE {</span>
<span id="LC4" class="line" lang="plaintext">  7   3:     OBJECT IDENTIFIER curveX25519 (1 3 101 110)</span>
<span id="LC5" class="line" lang="plaintext">       :     }</span>
<span id="LC6" class="line" lang="plaintext"> 12   2:   OCTET STRING 24 FA</span>
<span id="LC7" class="line" lang="plaintext">       :   }</span>
<span id="LC8" class="line" lang="plaintext"></span>
<span id="LC9" class="line" lang="plaintext">0 warnings, 0 errors.</span></code></pre>
<p dir="auto">So it is related to the subject material in this series.  Not sure how to fix it yet though.</p>
</div>
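<p dir="auto">Added example, not part of the comment above and not GnuTLS code: a strict DER reader run over the 16 octets quoted there. It shows that the privateKey contents <code>24 FA</code> start a long-form length announcing 122 length octets that are not present, so the inner OCTET STRING that RFC 8410 wraps X25519 keys in cannot be decoded. The names <code>read_tlv</code> and <code>extract_x25519_key</code> are hypothetical.</p>

```c
#include <stddef.h>
#include <string.h>

/* The 16 reproducer octets, copied from the hexdump in the comment. */
static const unsigned char SAMPLE[16] = {
    0x30, 0x0e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06,
    0x03, 0x2b, 0x65, 0x6e, 0x04, 0x02, 0x24, 0xfa };
/* DER encoding of OID 1.3.101.110 (curveX25519), found at offset 7. */
static const unsigned char X25519_OID[5] = { 0x06, 0x03, 0x2b, 0x65, 0x6e };
struct tlv { unsigned tag; const unsigned char *val; size_t len, total; };
/* Read one TLV from buf[0..n). Returns 0, or -1 if the header or the
 * declared value would run past the end of the buffer. */
static int read_tlv(const unsigned char *buf, size_t n, struct tlv *t)
{
    size_t hdr = 2, len, cnt, i;
    if (n < 2) return -1;
    len = buf[1];
    if (len & 0x80) {              /* long form: low 7 bits count the length octets */
        cnt = len & 0x7f;
        if (cnt == 0 || cnt > sizeof(size_t) || cnt > n - 2) return -1;
        for (len = 0, i = 0; i < cnt; i++) len = (len << 8) | buf[2 + i];
        hdr += cnt;
    }
    if (len > n - hdr) return -1;
    t->tag = buf[0]; t->val = buf + hdr; t->len = len; t->total = hdr + len;
    return 0;
}

/* Hypothetical helper: copy the 32-byte X25519 key out of a PKCS#8 blob. Returns 32,
 * -1 for a bad outer structure, -2 for a bad inner OCTET STRING, -3 for a bad key size. */
static int extract_x25519_key(const unsigned char *buf, size_t n, unsigned char out[32])
{
    struct tlv seq, ver, alg, key, in;
    if (read_tlv(buf, n, &seq) || seq.tag != 0x30) return -1;
    if (read_tlv(seq.val, seq.len, &ver) || ver.tag != 0x02) return -1;
    buf = seq.val + ver.total; n = seq.len - ver.total;
    if (read_tlv(buf, n, &alg) || alg.tag != 0x30 || alg.len != sizeof X25519_OID
        || memcmp(alg.val, X25519_OID, alg.len) != 0) return -1;
    buf += alg.total; n -= alg.total;
    if (read_tlv(buf, n, &key) || key.tag != 0x04) return -1;
    if (read_tlv(key.val, key.len, &in) || in.tag != 0x04) return -2;
    if (in.len != 32) return -3;
    memcpy(out, in.val, 32);       /* length checked first: source is never empty */
    return 32;
}
int main(void)
{
    unsigned char key[32];         /* exit status 0 when the reproducer is rejected */
    return extract_x25519_key(SAMPLE, sizeof SAMPLE, key) == -2 ? 0 : 1;
}
```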


</div>
</body>
</html>