Forum: Ruby-core [ruby-trunk - Bug #8690][Assigned] Enciphering a key with AES-128-CBC-HMAC-SHA1 crashes in OpenSSL

58479f76374a3ba3c69b9804163f39f4?d=identicon&s=25 drbrain (Eric Hodel) (Guest)
on 2013-07-25 22:46
(Received via mailing list)
Issue #8690 has been reported by drbrain (Eric Hodel).

----------------------------------------
Bug #8690: Enciphering a key with AES-128-CBC-HMAC-SHA1 crashes in
OpenSSL
https://bugs.ruby-lang.org/issues/8690

Author: drbrain (Eric Hodel)
Status: Assigned
Priority: Normal
Assignee: MartinBosslet (Martin Bosslet)
Category: ext/openssl
Target version:
ruby -v: ruby 2.0.0p247 (2013-06-27 revision 41674)
[x86_64-darwin12.4.0]
Backport: 1.9.3: UNKNOWN, 2.0.0: UNKNOWN


=begin
While I realize this is probably wrong, I was trying to find a cipher
that JRuby 1.7.4 supported and encountered this crash.

My OpenSSL version is:

  $ ruby -ropenssl -e 'p OpenSSL::OPENSSL_VERSION'
  "OpenSSL 1.0.1e 11 Feb 2013"

The crash:

  $ ruby crash.rb
  crash.rb:10: [BUG] Segmentation fault
  ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-darwin12.4.0]

  -- Crash Report log information
--------------------------------------------
     See Crash Report log file under the one of following:
       * ~/Library/Logs/CrashReporter
       * /Library/Logs/CrashReporter
       * ~/Library/Logs/DiagnosticReports
       * /Library/Logs/DiagnosticReports
     the more detail of.

  -- Control frame information
-----------------------------------------------
  c:0004 p:---- s:0015 e:000014 CFUNC  :initialize
  c:0003 p:---- s:0013 e:000012 CFUNC  :new
  c:0002 p:0083 s:0008 E:002448 EVAL   crash.rb:10 [FINISH]
  c:0001 p:0000 s:0002 E:000868 TOP    [FINISH]

  crash.rb:10:in `<main>'
  crash.rb:10:in `new'
  crash.rb:10:in `initialize'

  -- C level backtrace information
-------------------------------------------

  -- Other runtime information
-----------------------------------------------

  * Loaded script: crash.rb

  * Loaded features:

      0 enumerator.so
      1 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/enc/encdb.bundle
      2
/usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/enc/trans/transdb.bundle
      3 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/rbconfig.rb
      4 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/compatibility.rb
      5 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/defaults.rb
      6 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/deprecate.rb
      7 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/errors.rb
      8 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/version.rb
      9 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/requirement.rb
     10 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/platform.rb
     11
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/basic_specification.rb
     12
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/stub_specification.rb
     13 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/specification.rb
     14 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/exceptions.rb
     15
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_gem.rb
     16 /usr/local/lib/ruby/2.0.0/thread.rb
     17 /usr/local/lib/ruby/2.0.0/monitor.rb
     18
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb
     19 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems.rb
     20 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/digest.bundle
     21 /usr/local/lib/ruby/2.0.0/digest.rb
     22 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/openssl.bundle
     23 /usr/local/lib/ruby/2.0.0/openssl/bn.rb
     24 /usr/local/lib/ruby/2.0.0/openssl/cipher.rb
     25 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/stringio.bundle
     26 /usr/local/lib/ruby/2.0.0/openssl/config.rb
     27 /usr/local/lib/ruby/2.0.0/openssl/digest.rb
     28 /usr/local/lib/ruby/2.0.0/openssl/x509.rb
     29 /usr/local/lib/ruby/2.0.0/openssl/buffering.rb
     30 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/fcntl.bundle
     31 /usr/local/lib/ruby/2.0.0/openssl/ssl.rb
     32 /usr/local/lib/ruby/2.0.0/openssl.rb

  [NOTE]
  You may have encountered a bug in the Ruby interpreter or extension
libraries.
  Bug reports are welcome.
  For details: http://www.ruby-lang.org/bugreport.html

  Abort trap: 6

Attached are the script I used to reproduce the crash and the OS X crash
report.
=end
58479f76374a3ba3c69b9804163f39f4?d=identicon&s=25 drbrain (Eric Hodel) (Guest)
on 2013-07-25 22:56
(Received via mailing list)
Issue #8690 has been updated by drbrain (Eric Hodel).


AES-256-CBC-HMAC-SHA1 also crashes with the same stack trace
----------------------------------------
Bug #8690: Enciphering a key with AES-128-CBC-HMAC-SHA1 crashes in
OpenSSL
https://bugs.ruby-lang.org/issues/8690#change-40671

Author: drbrain (Eric Hodel)
Status: Assigned
Priority: Normal
Assignee: MartinBosslet (Martin Bosslet)
Category: ext/openssl
Target version:
ruby -v: ruby 2.0.0p247 (2013-06-27 revision 41674)
[x86_64-darwin12.4.0]
Backport: 1.9.3: UNKNOWN, 2.0.0: UNKNOWN


=begin
While I realize this is probably wrong, I was trying to find a cipher
that JRuby 1.7.4 supported and encountered this crash.

My OpenSSL version is:

  $ ruby -ropenssl -e 'p OpenSSL::OPENSSL_VERSION'
  "OpenSSL 1.0.1e 11 Feb 2013"

The crash:

  $ ruby crash.rb
  crash.rb:10: [BUG] Segmentation fault
  ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-darwin12.4.0]

  -- Crash Report log information
--------------------------------------------
     See Crash Report log file under the one of following:
       * ~/Library/Logs/CrashReporter
       * /Library/Logs/CrashReporter
       * ~/Library/Logs/DiagnosticReports
       * /Library/Logs/DiagnosticReports
     the more detail of.

  -- Control frame information
-----------------------------------------------
  c:0004 p:---- s:0015 e:000014 CFUNC  :initialize
  c:0003 p:---- s:0013 e:000012 CFUNC  :new
  c:0002 p:0083 s:0008 E:002448 EVAL   crash.rb:10 [FINISH]
  c:0001 p:0000 s:0002 E:000868 TOP    [FINISH]

  crash.rb:10:in `<main>'
  crash.rb:10:in `new'
  crash.rb:10:in `initialize'

  -- C level backtrace information
-------------------------------------------

  -- Other runtime information
-----------------------------------------------

  * Loaded script: crash.rb

  * Loaded features:

      0 enumerator.so
      1 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/enc/encdb.bundle
      2
/usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/enc/trans/transdb.bundle
      3 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/rbconfig.rb
      4 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/compatibility.rb
      5 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/defaults.rb
      6 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/deprecate.rb
      7 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/errors.rb
      8 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/version.rb
      9 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/requirement.rb
     10 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/platform.rb
     11
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/basic_specification.rb
     12
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/stub_specification.rb
     13 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/specification.rb
     14 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/exceptions.rb
     15
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_gem.rb
     16 /usr/local/lib/ruby/2.0.0/thread.rb
     17 /usr/local/lib/ruby/2.0.0/monitor.rb
     18
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb
     19 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems.rb
     20 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/digest.bundle
     21 /usr/local/lib/ruby/2.0.0/digest.rb
     22 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/openssl.bundle
     23 /usr/local/lib/ruby/2.0.0/openssl/bn.rb
     24 /usr/local/lib/ruby/2.0.0/openssl/cipher.rb
     25 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/stringio.bundle
     26 /usr/local/lib/ruby/2.0.0/openssl/config.rb
     27 /usr/local/lib/ruby/2.0.0/openssl/digest.rb
     28 /usr/local/lib/ruby/2.0.0/openssl/x509.rb
     29 /usr/local/lib/ruby/2.0.0/openssl/buffering.rb
     30 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/fcntl.bundle
     31 /usr/local/lib/ruby/2.0.0/openssl/ssl.rb
     32 /usr/local/lib/ruby/2.0.0/openssl.rb

  [NOTE]
  You may have encountered a bug in the Ruby interpreter or extension
libraries.
  Bug reports are welcome.
  For details: http://www.ruby-lang.org/bugreport.html

  Abort trap: 6

Attached are the script I used to reproduce the crash and the OS X crash
report.
=end
1ecef11b3cc6abfda85798858745ef72?d=identicon&s=25 MartinBosslet (Martin Bosslet) (Guest)
on 2013-07-25 23:57
(Received via mailing list)
Issue #8690 has been updated by MartinBosslet (Martin Bosslet).


We just talked about it and found out that it's an issue only with Intel
processors with the AES-NI instructions. The algorithm is only available
for those CPUs, and I was able to reproduce the crash there. It happens
in the very last line where the RSA key is instantiated. I'll have to
debug further to find out if this is happening in Ruby OpenSSL or
OpenSSL itself.
----------------------------------------
Bug #8690: Enciphering a key with AES-128-CBC-HMAC-SHA1 crashes in
OpenSSL
https://bugs.ruby-lang.org/issues/8690#change-40672

Author: drbrain (Eric Hodel)
Status: Assigned
Priority: Normal
Assignee: MartinBosslet (Martin Bosslet)
Category: ext/openssl
Target version:
ruby -v: ruby 2.0.0p247 (2013-06-27 revision 41674)
[x86_64-darwin12.4.0]
Backport: 1.9.3: UNKNOWN, 2.0.0: UNKNOWN


=begin
While I realize this is probably wrong, I was trying to find a cipher
that JRuby 1.7.4 supported and encountered this crash.

My OpenSSL version is:

  $ ruby -ropenssl -e 'p OpenSSL::OPENSSL_VERSION'
  "OpenSSL 1.0.1e 11 Feb 2013"

The crash:

  $ ruby crash.rb
  crash.rb:10: [BUG] Segmentation fault
  ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-darwin12.4.0]

  -- Crash Report log information
--------------------------------------------
     See Crash Report log file under the one of following:
       * ~/Library/Logs/CrashReporter
       * /Library/Logs/CrashReporter
       * ~/Library/Logs/DiagnosticReports
       * /Library/Logs/DiagnosticReports
     the more detail of.

  -- Control frame information
-----------------------------------------------
  c:0004 p:---- s:0015 e:000014 CFUNC  :initialize
  c:0003 p:---- s:0013 e:000012 CFUNC  :new
  c:0002 p:0083 s:0008 E:002448 EVAL   crash.rb:10 [FINISH]
  c:0001 p:0000 s:0002 E:000868 TOP    [FINISH]

  crash.rb:10:in `<main>'
  crash.rb:10:in `new'
  crash.rb:10:in `initialize'

  -- C level backtrace information
-------------------------------------------

  -- Other runtime information
-----------------------------------------------

  * Loaded script: crash.rb

  * Loaded features:

      0 enumerator.so
      1 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/enc/encdb.bundle
      2
/usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/enc/trans/transdb.bundle
      3 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/rbconfig.rb
      4 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/compatibility.rb
      5 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/defaults.rb
      6 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/deprecate.rb
      7 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/errors.rb
      8 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/version.rb
      9 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/requirement.rb
     10 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/platform.rb
     11
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/basic_specification.rb
     12
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/stub_specification.rb
     13 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/specification.rb
     14 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems/exceptions.rb
     15
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_gem.rb
     16 /usr/local/lib/ruby/2.0.0/thread.rb
     17 /usr/local/lib/ruby/2.0.0/monitor.rb
     18
/usr/local/lib/ruby/site_ruby/2.0.0/rubygems/core_ext/kernel_require.rb
     19 /usr/local/lib/ruby/site_ruby/2.0.0/rubygems.rb
     20 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/digest.bundle
     21 /usr/local/lib/ruby/2.0.0/digest.rb
     22 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/openssl.bundle
     23 /usr/local/lib/ruby/2.0.0/openssl/bn.rb
     24 /usr/local/lib/ruby/2.0.0/openssl/cipher.rb
     25 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/stringio.bundle
     26 /usr/local/lib/ruby/2.0.0/openssl/config.rb
     27 /usr/local/lib/ruby/2.0.0/openssl/digest.rb
     28 /usr/local/lib/ruby/2.0.0/openssl/x509.rb
     29 /usr/local/lib/ruby/2.0.0/openssl/buffering.rb
     30 /usr/local/lib/ruby/2.0.0/x86_64-darwin12.4.0/fcntl.bundle
     31 /usr/local/lib/ruby/2.0.0/openssl/ssl.rb
     32 /usr/local/lib/ruby/2.0.0/openssl.rb

  [NOTE]
  You may have encountered a bug in the Ruby interpreter or extension
libraries.
  Bug reports are welcome.
  For details: http://www.ruby-lang.org/bugreport.html

  Abort trap: 6

Attached are the script I used to reproduce the crash and the OS X crash
report.
=end
This topic is locked and can not be replied to.