[sr #107729] certtool --generate-request crashes when generating key on-the-fly

Petr Pisar INVALID.NOREPLY at gnu.org
Wed Jun 29 21:36:18 CEST 2011


                 Summary: certtool --generate-request crashes when generating
key on-the-fly
                 Project: GnuTLS
            Submitted by: petrp
            Submitted on: Wed 29 Jun 2011 07:36:17 PM GMT
                Category: Included programs
                Priority: 5 - Normal
                Severity: 3 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
        Operating System: GNU/Linux




$ certtool --generate-request --hash SHA256 --bits 2048 --outfile pisar-q.req

from gnutls-2.12.7 or git HEAD I get segfault:

(gdb) run
Starting program: /tmp/gnutls-devel/src/.libs/certtool --generate-request
--hash SHA256 --bits 2048 --outfile pisar-q.req
[Thread debugging using libthread_db enabled]
Generating a PKCS #10 certificate request...
** Note: Please use the --sec-param instead of --bits
Generating a 2048 bit RSA private key...

Program received signal SIGSEGV, Segmentation fault.
0xb7f46e34 in check_if_clean (key=0x0) at gnutls_privkey.c:296
296       if (key->type != 0)
(gdb) bt
#0  0xb7f46e34 in check_if_clean (key=0x0) at gnutls_privkey.c:296
#1  0xb7f46e65 in gnutls_privkey_import_x509 (pkey=0x0, key=0x8080e00,
    at gnutls_privkey.c:363
#2  0x08050849 in generate_request (cinfo=0xbfffeaf8) at certtool.c:1843
#3  0x0804ed86 in gaa_parser (argc=8, argv=0xbfffebe4) at certtool.c:1128
#4  0x0804c88d in main (argc=8, argv=0xbfffebe4) at certtool.c:102

As you can see NULL pointer `key' is dereferenced at gnutls_privkey.c:296.

Apparently, the key is not initialized properly. The `key' is `pkey' from

  ret = gnutls_privkey_init (&pkey);
  if (ret < 0)
    error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));

  /* Load the private key.

  pkey = load_private_key (0, cinfo);
  if (!pkey)
      xkey = generate_private_key_int ();

      print_private_key (xkey);

      ret = gnutls_privkey_import_x509(pkey, xkey,

Or first two arguments of gnutls_privkey_import_x509() should be pointers.


Reply to this item at:


  Message sent via/by Savannah

More information about the Gnutls-devel mailing list