[gnutls-devel] GnuTLS | tests/slow/test-ciphers-api.sh (cipher-api-test.c) relies on undefined behavior (#623)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Nov 19 15:19:36 CET 2018


New Issue was created.

Issue 623: https://gitlab.com/gnutls/gnutls/issues/623
Author:    Tim Rühsen
Assignee:  

I tracked down the failure of this test on Alpine (busybox+musl)... as is turns out the test relies on a special glibc behavior of abort(). Which is even the opposite of the documented behavior :-). One way to achieve a stable behavior would be to split the test into several smaller ones and avoiding `signal(SIGABRT, ...)`.

The man page of Debian (libc 2.27) says
```
If  the  SIGABRT  signal  is ignored, or caught by a handler that returns, the abort() function will still terminate the
process.  It does this by restoring the default disposition for SIGABRT and then raising the signal for a second time.
```

But the test does the opposite by setting a signal handler for SIGABRT, assuming that the process doesn't abort in this case, e.g.
```
  signal(SIGABRT, custom_abrt);                  
  ret = gnutls_cipher_add_auth(ch, data, 16);
  signal(SIGABRT, SIG_DFL);
  if (ret >= 0 && error_detected == 0)
    fail("succeeded in adding auth data data after partial data were given\n");
```

This seems to work with glibc 2.27 but can change with any new version.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/623
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181119/918bebe1/attachment-0001.html>


More information about the Gnutls-devel mailing list