<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en" style='--code-editor-font: var(--default-mono-font, "Menlo"), DejaVu Sans Mono, Liberation Mono, Consolas, Ubuntu Mono, Courier New, andale mono, lucida console, monospace;'>

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style data-premailer="ignore" type="text/css">

a { color: #1068bf; }

</style>

<style>img {

max-width: 100%; height: auto;

}

body {

font-size: 0.875rem;

}

body {

-webkit-text-shadow: rgba(255,255,255,0.01) 0 0 1px;

}

body {

font-family: var(--default-regular-font, -apple-system),BlinkMacSystemFont,"Segoe UI",Roboto,"Noto Sans",Ubuntu,Cantarell,"Helvetica Neue",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji"; font-size: inherit;

}

</style>

</head>

<body style='font-size: inherit; -webkit-text-shadow: rgba(255,255,255,0.01) 0 0 1px; font-family: var(--default-regular-font, -apple-system),BlinkMacSystemFont,"Segoe UI",Roboto,"Noto Sans",Ubuntu,Cantarell,"Helvetica Neue",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";'>

<div class="content">

<p class="details" style="font-style: italic; color: #737278;">

<a href="https://gitlab.com/leviathan6">Andrew Meadows</a> created an issue: <a href="https://gitlab.com/gnutls/gnutls/-/issues/1447">#1447</a>

</p>

<div class="md" style="color: #333238; word-wrap: break-word;">

<h2 dir="auto" style="font-size: 1.5em; font-weight: 600; padding-bottom: 0.3em; border-bottom-width: 1px; border-bottom-color: #e6e6ea; border-bottom-style: solid; color: #333238; margin: 0 0 16px;" align="initial">

<a id="user-content-description-of-problem" class="anchor" href="#description-of-problem" aria-hidden="true" style="margin-top: 0; float: left; margin-left: -20px; text-decoration: none; outline: none;"></a>Description of problem:</h2>

<p dir="auto" style="color: #333238; margin: 0 0 16px;" align="initial">Crash in gnutls_privkey_sign_data() when trying to create RSA signature with MD2 digest algorithm.</p>

<h2 dir="auto" style="font-size: 1.5em; font-weight: 600; padding-bottom: 0.3em; border-bottom-width: 1px; border-bottom-color: #e6e6ea; border-bottom-style: solid; color: #333238; margin: 24px 0 16px;" align="initial">

<a id="user-content-version-of-gnutls-used" class="anchor" href="#version-of-gnutls-used" aria-hidden="true" style="margin-top: 0; float: left; margin-left: -20px; text-decoration: none; outline: none;"></a>Version of gnutls used:</h2>

<p dir="auto" style="color: #333238; margin: 0 0 16px;" align="initial">32-bit 3.6.7-4+deb10u7</p>

<h2 dir="auto" style="font-size: 1.5em; font-weight: 600; padding-bottom: 0.3em; border-bottom-width: 1px; border-bottom-color: #e6e6ea; border-bottom-style: solid; color: #333238; margin: 24px 0 16px;" align="initial">

<a id="user-content-distributor-of-gnutls-eg-ubuntu-fedora-rhel" class="anchor" href="#distributor-of-gnutls-eg-ubuntu-fedora-rhel" aria-hidden="true" style="margin-top: 0; float: left; margin-left: -20px; text-decoration: none; outline: none;"></a>Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)</h2>

<p dir="auto" style="color: #333238; margin: 0 0 16px;" align="initial">debian buster, using 32-bit package libgnutls28-dev:i386</p>

<h2 dir="auto" style="font-size: 1.5em; font-weight: 600; padding-bottom: 0.3em; border-bottom-width: 1px; border-bottom-color: #e6e6ea; border-bottom-style: solid; color: #333238; margin: 24px 0 16px;" align="initial">

<a id="user-content-how-reproducible" class="anchor" href="#how-reproducible" aria-hidden="true" style="margin-top: 0; float: left; margin-left: -20px; text-decoration: none; outline: none;"></a>How reproducible:</h2>

<p dir="auto" style="color: #333238; margin: 0 0 16px;" align="initial">100%</p>

<p dir="auto" style="color: #333238; margin: 0 0 16px;" align="initial">Steps to Reproduce:</p>

<ul dir="auto" style="text-align: initial; list-style-type: disc; margin: 0 0 16px; padding: 0;">

<li style="margin-top: 0; line-height: 1.6em; margin-left: 25px; padding-left: 3px;">Create a foo.cpp file with the following code:</li>

</ul>

<div class="gl-relative markdown-code-block js-markdown-code">

<pre lang="plaintext" class="code highlight js-syntax-highlight language-plaintext" data-canonical-lang="" v-pre="true" style='display: block; font-size: 0.875rem; color: #333238; line-height: 1.6em; overflow-x: auto; border-radius: 4px; position: relative; font-family: var(--default-mono-font, "Menlo"),"DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: #fbfafd; margin: 0 0 16px; padding: 12px; border: 1px solid #dcdcde;'><code style='font-size: 0.875rem; color: inherit; word-wrap: normal; word-break: keep-all; background-color: inherit; border-radius: 4px; white-space: pre; margin-top: 0; font-family: var(--default-mono-font, "Menlo"),"DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; overflow-wrap: normal; padding: unset;'><span id="LC1" class="line" lang="plaintext" style="margin-top: 0;">// foo.cpp -- crash in gnutls_privkey_sign_data()</span>

<span id="LC2" class="line" lang="plaintext">//</span>

<span id="LC3" class="line" lang="plaintext">// This program demonstrates what appears to be a bug in 32-bit</span>

<span id="LC4" class="line" lang="plaintext">// gnutls 3.6.7 when trying to create an RSA signature using the</span>

<span id="LC5" class="line" lang="plaintext">// MD2 algorithm.  These are the tested versions and their results:</span>

<span id="LC6" class="line" lang="plaintext">//</span>

<span id="LC7" class="line" lang="plaintext">// 64-bit    gnutls-3.7.3    FAIL</span>

<span id="LC8" class="line" lang="plaintext">// 64-bit    gnutls-3.6.7    SUCCESS</span>

<span id="LC9" class="line" lang="plaintext">// 32-bit    gnutls-3.6.7    CRASH</span>

<span id="LC10" class="line" lang="plaintext">//</span>

<span id="LC11" class="line" lang="plaintext">// These tests were done using some variety of debian or ubuntu.</span>

<span id="LC12" class="line" lang="plaintext"></span>

<span id="LC13" class="line" lang="plaintext">#include <string></span>

<span id="LC14" class="line" lang="plaintext">#include <iostream></span>

<span id="LC15" class="line" lang="plaintext">#include <gnutls/abstract.h></span>

<span id="LC16" class="line" lang="plaintext">#include <gnutls/crypto.h></span>

<span id="LC17" class="line" lang="plaintext"></span>

<span id="LC18" class="line" lang="plaintext">gnutls_digest_algorithm_t digest_algorithm = GNUTLS_DIG_MD2;</span>

<span id="LC19" class="line" lang="plaintext"></span>

<span id="LC20" class="line" lang="plaintext">std::string pem_key = "-----BEGIN PRIVATE KEY-----"</span>

<span id="LC21" class="line" lang="plaintext">"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDj1ejV7Aax85LJ"</span>

<span id="LC22" class="line" lang="plaintext">"yevp8C5bsinRyFGEGK+oVXVzQUKGUFI8fjW0j0uGGfezkwKvNo0UUg4RjoORCsjn"</span>

<span id="LC23" class="line" lang="plaintext">"xTVh0WFUnQd2S9VCmngak41jSR7g7Zg5et2nLOLIKhUcq5N9bdYkFKFF6Tcij20Z"</span>

<span id="LC24" class="line" lang="plaintext">"ekkHJtjPDYAemux26kViqALKvS/n0T+d3MedsVUrGVxCDjGvyrbNF0PaJXfW/ZEz"</span>

<span id="LC25" class="line" lang="plaintext">"C01LcyqCUUMRLdGQCuG7EbV9xKOKajj2nuSeg/aPDAZ5tHJ/ZtBbmyV+5mF8UU5e"</span>

<span id="LC26" class="line" lang="plaintext">"QJKYXCg16xeFoQstdRtk3xyOvfA9D0MPewIpoZL1xj8grMpEigJXH2DbMcuAwFHl"</span>

<span id="LC27" class="line" lang="plaintext">"PL2OVPNZAgMBAAECggEATOqRYW7+T6NIYgFeOKsSK3i5b44uHudqnezD6vYULF3/"</span>

<span id="LC28" class="line" lang="plaintext">"dVaycNOTjqFDo4c098v10u9kun6fYh7+9mf4fp5+Ol+M/l3ZkFOvymEX8XXlC9CK"</span>

<span id="LC29" class="line" lang="plaintext">"fJVDMUYRBbxXRkeSUlz7V1DzpTN3np5HGbvT3as6tKP9JdftjrPGWukXkDRQcPTr"</span>

<span id="LC30" class="line" lang="plaintext">"aTT1s205Bc7ph0G3nRBfNJz077XUJUD+O17r8ILPjMFnQkWOilx9rZtdnUvXwnei"</span>

<span id="LC31" class="line" lang="plaintext">"WUfitibsuZRmNxldQVkeBlM3BS8sMAXodBnDIarQxkbFiRkOUxMNNjhB2oUF1bUI"</span>

<span id="LC32" class="line" lang="plaintext">"zob7S0pAqXpnp6wawvscuwLn5Ik8vGicqYUgoC9UpQKBgQD2SpQyKtSiK6ccR1bH"</span>

<span id="LC33" class="line" lang="plaintext">"divXmRbdu2tXBHVOxxNscH21aCMJ3RExFnQHMTZI2E0zmW2dYUQrqfN+OoXYkq/h"</span>

<span id="LC34" class="line" lang="plaintext">"NfHGiXN059dOXU543UCymtMkxv9UqmkNQxuvhTlP+aBuVOsg6/vNBSUkxH+pyAhV"</span>

<span id="LC35" class="line" lang="plaintext">"kKP70aCzai7xFV6+a3jAi5XQ5wKBgQDs0RYr8Xr0/BdwlekN7cOGRYGLOCOMwI+9"</span>

<span id="LC36" class="line" lang="plaintext">"cq1t61iAUbhXf8wh2NaYg/GsEZ+ZJv5tLLT8KDVOeTCj2/AkKvDuqNhbjY6i8RMY"</span>

<span id="LC37" class="line" lang="plaintext">"xoBx7Pd5GAfkOj3LoMRyQelY+6TbQh2l2iRAxJIjMeBpyyXnKIgoB09R75SmxbV/"</span>

<span id="LC38" class="line" lang="plaintext">"Obx3OkNRvwKBgQCwdZCmPO+p3VLWvPoc4LratrGeXgizCNuvfIybFiHLFnh8Oap2"</span>

<span id="LC39" class="line" lang="plaintext">"nBq3iHfXSzpM7PGPX8AC9LojR3TcTYS7+/VlBNf2+6DUYZ+2kvcmwCzlXbpUg9/O"</span>

<span id="LC40" class="line" lang="plaintext">"g7VTVUVR2o0qX6czKEB5jOUm6a56C3qFK6OB6ZiU01AcpO4DymZytc+6IwKBgQDO"</span>

<span id="LC41" class="line" lang="plaintext">"p673beTkgFBcGRWk6AUl2OWw/a5YF3nX0ojxUNyMLcP15znVl4m80fdFNqPVXCfO"</span>

<span id="LC42" class="line" lang="plaintext">"UaMmIFhUQIFnnHg0t5xER+d2DVOZcVI+3oob4LQcYhIQ4ZonZgXHxyjAU+iKxWll"</span>

<span id="LC43" class="line" lang="plaintext">"37SfKGp2eAHjkDllPQOEGsznLXDFD+bQPSvvx1ITtQKBgGCNB92wMTiLc0GdlEtq"</span>

<span id="LC44" class="line" lang="plaintext">"vOUZBm/ImvmfM52Z7Xgk5x86Nb5kUq39+3udMT/7G0MklGy0gHrX6mjp5rnFAzi6"</span>

<span id="LC45" class="line" lang="plaintext">"eeUxQBQJTOxateiaMrh8CLjrBth0NfTI61bkDNIV/EFAXa7Ou3jjzSDhPW/xzPmm"</span>

<span id="LC46" class="line" lang="plaintext">"jA4eMgGDOpi6f8hdAjDPgrys"</span>

<span id="LC47" class="line" lang="plaintext">"-----END PRIVATE KEY-----";</span>

<span id="LC48" class="line" lang="plaintext"></span>

<span id="LC49" class="line" lang="plaintext">std::string message = "Hello world!";</span>

<span id="LC50" class="line" lang="plaintext"></span>

<span id="LC51" class="line" lang="plaintext">int32_t main() {</span>

<span id="LC52" class="line" lang="plaintext">    gnutls_datum_t key_dat = { (uint8_t*)(pem_key.data()), (uint32_t)(pem_key.size()) };</span>

<span id="LC53" class="line" lang="plaintext">    gnutls_x509_privkey_t key;</span>

<span id="LC54" class="line" lang="plaintext">    gnutls_privkey_t private_key;</span>

<span id="LC55" class="line" lang="plaintext">    gnutls_datum_t msg_dat = { (uint8_t*)(message.data()), (uint32_t)(message.size()) };</span>

<span id="LC56" class="line" lang="plaintext">    gnutls_datum_t sig_dat;</span>

<span id="LC57" class="line" lang="plaintext"></span>

<span id="LC58" class="line" lang="plaintext">    int32_t sig64_len = 0;</span>

<span id="LC59" class="line" lang="plaintext">    bool success = true;</span>

<span id="LC60" class="line" lang="plaintext">    std::string error_message = "";</span>

<span id="LC61" class="line" lang="plaintext">    if (gnutls_x509_privkey_init(&key)) {</span>

<span id="LC62" class="line" lang="plaintext">        error_message = "out of memory";</span>

<span id="LC63" class="line" lang="plaintext">        success = false;</span>

<span id="LC64" class="line" lang="plaintext">    }</span>

<span id="LC65" class="line" lang="plaintext">    if (success && gnutls_x509_privkey_import(key, &key_dat, GNUTLS_X509_FMT_PEM)) {</span>

<span id="LC66" class="line" lang="plaintext">        error_message = "failed to import key";</span>

<span id="LC67" class="line" lang="plaintext">        success = false;</span>

<span id="LC68" class="line" lang="plaintext">    }</span>

<span id="LC69" class="line" lang="plaintext">    if (success && gnutls_privkey_init(&private_key)) {</span>

<span id="LC70" class="line" lang="plaintext">        error_message = "out of memory";</span>

<span id="LC71" class="line" lang="plaintext">        success = false;</span>

<span id="LC72" class="line" lang="plaintext">    }</span>

<span id="LC73" class="line" lang="plaintext">    if (success) {</span>

<span id="LC74" class="line" lang="plaintext">        if (gnutls_privkey_import_x509(private_key, key, 0)) {</span>

<span id="LC75" class="line" lang="plaintext">            error_message = "failed to import private key";</span>

<span id="LC76" class="line" lang="plaintext">            success = false;</span>

<span id="LC77" class="line" lang="plaintext">        }</span>

<span id="LC78" class="line" lang="plaintext">        if (success && GNUTLS_PK_RSA != gnutls_privkey_get_pk_algorithm(private_key, nullptr)) {</span>

<span id="LC79" class="line" lang="plaintext">            // key not compatible with RSA?</span>

<span id="LC80" class="line" lang="plaintext">            error_message = "private key incompatible with RSA";</span>

<span id="LC81" class="line" lang="plaintext">            success = false;</span>

<span id="LC82" class="line" lang="plaintext">        }</span>

<span id="LC83" class="line" lang="plaintext">        // sign data</span>

<span id="LC84" class="line" lang="plaintext">        if (gnutls_privkey_sign_data(private_key, digest_algorithm, 0, &msg_dat, &sig_dat) != 0) {</span>

<span id="LC85" class="line" lang="plaintext">            error_message = "failed to sign";</span>

<span id="LC86" class="line" lang="plaintext">            success = false;</span>

<span id="LC87" class="line" lang="plaintext">        }</span>

<span id="LC88" class="line" lang="plaintext">        if (success) {</span>

<span id="LC89" class="line" lang="plaintext">            std::cout << "success!" << std::endl;</span>

<span id="LC90" class="line" lang="plaintext">            gnutls_free(sig_dat.data);</span>

<span id="LC91" class="line" lang="plaintext">        }</span>

<span id="LC92" class="line" lang="plaintext">        gnutls_privkey_deinit(private_key);</span>

<span id="LC93" class="line" lang="plaintext">    }</span>

<span id="LC94" class="line" lang="plaintext">    gnutls_x509_privkey_deinit(key);</span>

<span id="LC95" class="line" lang="plaintext">    if (!success) {</span>

<span id="LC96" class="line" lang="plaintext">        std::cout << "fail: error='" << error_message << "'" << std::endl;</span>

<span id="LC97" class="line" lang="plaintext">    }</span>

<span id="LC98" class="line" lang="plaintext">    return 0;</span>

<span id="LC99" class="line" lang="plaintext">}</span></code></pre>

<copy-code></copy-code>

</div>

<ul dir="auto" style="text-align: initial; list-style-type: disc; margin: 0 0 16px; padding: 0;">

<li style="margin-top: 0; line-height: 1.6em; margin-left: 25px; padding-left: 3px;">Install the libgnutls28-dev:i386 package</li>

<li style="line-height: 1.6em; margin-left: 25px; padding-left: 3px;">Compile foo.cpp: <code style='font-size: 0.875rem; color: #1f1e24; word-wrap: break-word; background-color: #ececef; border-radius: 4px; margin-top: 0; font-family: var(--default-mono-font, "Menlo"),"DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; white-space: pre-wrap; overflow-wrap: break-word; word-break: keep-all; padding: 2px 4px;'>g++ -ofoo -m32 foo.cpp -l gnutls -L /usr/lib/i386-linux-gnu/</code>

</li>

<li style="line-height: 1.6em; margin-left: 25px; padding-left: 3px;">Run the foo executable: <code style='font-size: 0.875rem; color: #1f1e24; word-wrap: break-word; background-color: #ececef; border-radius: 4px; margin-top: 0; font-family: var(--default-mono-font, "Menlo"),"DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; white-space: pre-wrap; overflow-wrap: break-word; word-break: keep-all; padding: 2px 4px;'>./foo</code>

</li>

</ul>

<h2 dir="auto" style="font-size: 1.5em; font-weight: 600; padding-bottom: 0.3em; border-bottom-width: 1px; border-bottom-color: #e6e6ea; border-bottom-style: solid; color: #333238; margin: 24px 0 16px;" align="initial">

<a id="user-content-actual-results" class="anchor" href="#actual-results" aria-hidden="true" style="margin-top: 0; float: left; margin-left: -20px; text-decoration: none; outline: none;"></a>Actual results:</h2>

<ul dir="auto" style="text-align: initial; list-style-type: disc; margin: 0 0 16px; padding: 0;">

<li style="margin-top: 0; line-height: 1.6em; margin-left: 25px; padding-left: 3px;">Executable will crash with SIGABRT signal</li>

</ul>

<h2 dir="auto" style="font-size: 1.5em; font-weight: 600; padding-bottom: 0.3em; border-bottom-width: 1px; border-bottom-color: #e6e6ea; border-bottom-style: solid; color: #333238; margin: 24px 0 16px;" align="initial">

<a id="user-content-expected-results" class="anchor" href="#expected-results" aria-hidden="true" style="margin-top: 0; float: left; margin-left: -20px; text-decoration: none; outline: none;"></a>Expected results:</h2>

<ul dir="auto" style="text-align: initial; list-style-type: disc; margin: 0; padding: 0;">

<li style="margin-top: 0; line-height: 1.6em; margin-left: 25px; padding-left: 3px;">Executable should print <code style='font-size: 0.875rem; color: #1f1e24; word-wrap: break-word; background-color: #ececef; border-radius: 4px; margin-top: 0; font-family: var(--default-mono-font, "Menlo"),"DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; white-space: pre-wrap; overflow-wrap: break-word; word-break: keep-all; padding: 2px 4px;'>success!</code>

</li>

</ul>

</div>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #737278;">

—

<br>

Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/-/issues/1447">view it on GitLab</a>.

<br>

You're receiving this email because of your account on <a target="_blank" rel="noopener noreferrer" href="https://gitlab.com">gitlab.com</a>. <a href="https://gitlab.com/-/sent_notifications/bb1d32b783932457ede31b8bd718c70a/unsubscribe" target="_blank" rel="noopener noreferrer">Unsubscribe</a> from this thread · <a href="https://gitlab.com/-/profile/notifications" target="_blank" rel="noopener noreferrer" class="mng-notif-link">Manage all notifications</a> · <a href="https://gitlab.com/help" target="_blank" rel="noopener noreferrer" class="help-link">Help</a>

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Issue","url":"https://gitlab.com/gnutls/gnutls/-/issues/1447"}}</script>

</p>

</div>

</body>

</html>