[sr #107775] GnuTLS 3.0.0 causes segfault
anonymous
INVALID.NOREPLY at gnu.org
Tue Sep 20 12:56:17 CEST 2011
Follow-up Comment #11, sr #107775 (project gnutls):
(Sorry for the slow reply)
Yeah, the compression fails. _gnutls_send_int() calls _gnutls_encrypt(), which
calls _gnutls_m_plaintext2compressed(), which calls _gnutls_compress(). However,
params->write.compression_state is a NULL pointer, so the first argument to
_gnutls_compress() is NULL.
Any hint where to look next? Why is this trying to compress something with
GNUTLS_COMP_NULL?
(gdb) bt
#0 _gnutls_compress (handle=0x0, plain=0x8fbf504 " 20", plain_size=460, compressed=0xbffcef28, max_comp_size=18432) at gnutls_compress.c:409
#1 0xb71e199a in _gnutls_m_plaintext2compressed (session=0x8c04570, compressed=0xbffcef64, plaintext=0xbffcef6c, params=0x8fbfd90) at gnutls_compress.c:46
#2 0xb71e2953 in _gnutls_encrypt (session=0x8c04570, headers=0xbffcefef " 26 03 01", headers_size=5, data=0x8fbf504 " 20", data_size=460, ciphertext=0x8df2bb4 "", ciphertext_size=2843, type=GNUTLS_HANDSHAKE, params=0x8fbfd90) at gnutls_cipher.c:109
#3 0xb71df9c7 in _gnutls_send_int (session=0x8c04570, type=GNUTLS_HANDSHAKE, htype=GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE, epoch_rel=0, _data=0x8fbf504, data_size=460, mflags=0) at gnutls_record.c:432
#4 0xb71e5a2f in _gnutls_handshake_io_write_flush (session=0x8c04570) at gnutls_buffers.c:655
#5 0xb71e9b6e in _gnutls_send_handshake (session=0x8c04570, bufel=0x8fbeab8, type=GNUTLS_HANDSHAKE_FINISHED) at gnutls_handshake.c:1122
#6 0xb71e8d04 in _gnutls_send_finished (session=0x8c04570, again=0) at gnutls_handshake.c:656
#7 0xb71ecf41 in _gnutls_send_handshake_final (session=0x8c04570, init=1) at gnutls_handshake.c:2594
#8 0xb71edb29 in _gnutls_handshake_common (session=0x8c04570) at gnutls_handshake.c:2816
#9 0xb71ec393 in gnutls_handshake (session=0x8c04570) at gnutls_handshake.c:2336
#10 0xb774c428 in ?? () from /usr/lib/libloudmouth-1.so.0
#11 0xb774df71 in ?? () from /usr/lib/libloudmouth-1.so.0
#12 0xb774e6f9 in ?? () from /usr/lib/libloudmouth-1.so.0
#13 0xb774f0d8 in ?? () from /usr/lib/libloudmouth-1.so.0
#14 0xb76d96ce in ?? () from /usr/lib/libglib-2.0.so.0
#15 0xb7693c4f in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#16 0xb76943b0 in ?? () from /usr/lib/libglib-2.0.so.0
#17 0xb76946da in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#18 0x08052316 in main ()
(gdb) frame 1
#1 0xb71e199a in _gnutls_m_plaintext2compressed (session=0x8c04570, compressed=0xbffcef64, plaintext=0xbffcef6c, params=0x8fbfd90) at gnutls_compress.c:46
46 size =
(gdb) print *params
$10 = {epoch = 0, initialized = 1, cipher_algorithm = GNUTLS_CIPHER_NULL,
mac_algorithm = GNUTLS_MAC_NULL, compression_algorithm = GNUTLS_COMP_NULL,
read = {mac_secret = {
data = 0x0, size = 0}, IV = {data = 0x0, size = 0}, key = {data = 0x0,
size = 0},
cipher_state = {cipher = {handle = 0x0, encrypt = 0, decrypt = 0, auth =
0, tag = 0, setiv = 0,
deinit = 0, tag_size = 0, is_aead = 0}, mac = {algorithm =
GNUTLS_MAC_UNKNOWN, key = 0x0,
keysize = 0, hash = 0, copy = 0, reset = 0, output = 0, deinit = 0,
handle = 0x0},
is_mac = 0, ssl_hmac = 0, tag_size = 0}, compression_state = 0x0,
sequence_number = {
i = " 00 00 00 00 00 00 00 03"}}, write = {mac_secret = {data = 0x0,
size = 0}, IV = {
data = 0x0, size = 0}, key = {data = 0x0, size = 0}, cipher_state =
{cipher = {handle = 0x0,
encrypt = 0, decrypt = 0, auth = 0, tag = 0, setiv = 0, deinit = 0,
tag_size = 0,
is_aead = 0}, mac = {algorithm = GNUTLS_MAC_UNKNOWN, key = 0x0,
keysize = 0, hash = 0,
copy = 0, reset = 0, output = 0, deinit = 0, handle = 0x0}, is_mac =
0, ssl_hmac = 0,
tag_size = 0}, compression_state = 0x0, sequence_number = {
i = " 00 00 00 00 00 00 00 01"}}, usage_cnt = 2}
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?107775>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/