some crashes on using DSA keys
Nikos Mavrogiannopoulos
nmav at gnutls.org
Mon Apr 20 14:18:41 CEST 2009
Miroslav Kratochvil wrote:
> Hi there,
> today i wanted to experiment with some weird key combinations (I dont
> realize why now..). I was trying to use DSA keys in combination with
> some RSA, and came to a crash in GnuTLS library core. I'm posting some
> logs and a backtrace below.
> As the error was "glibc detected double free or stack corruption", my
> research led me to a strange method of handling sexp's in
> lib/pk-libgcrpt.c, see code here:
[...]
> In my opinion, this seems as a simple but hard-to-see bug. Kick me if
> I'm wrong (and explain why, please.)
>
> Solution is simple, you add a line just below the 3
> gcry_sexp_releases, something like this:
> s_sig=s_hash=s_pkey=0;
> I'm sorry if this is already fixed in gnutls above 2.6.5, but I didn't
> have much time to investigate yet. The same for complete debugging
> backtrace; I will probably generate both of them later this day.
Thank you for reporting that. It wasn't fixed in any release, thus I
commited a fix to 2.7 and backported it to 2.6.
best regards,
Nikos
More information about the Gnutls-devel
mailing list