[gnutls-devel] GnuTLS | nettle's gnutls_crypto_init() causes segfault in unrelated gmp code during static destructors (#1398)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Tue Aug 23 13:40:59 CEST 2022

Tobias Heider commented:

@nielsmoller switching API does look like a lot of work indeed. The zeroing was motivated by a NIST FIPS requirement in this case, but I don't generally agree that encrypted paging and process isolation provide the same protection. Zeroing process memory in userland also reduces the possible damage done by ROP style attacks or binary exploits running in the same process context.

@dueno @ametzler all downsides considered, I think statically linking doesn't sound too bad. There is one more possible solution which would be using nettle's minigmp (which is always statically linked afaics). I am not sure what the runtime implications/downsides of minigmp are but it would make the packaging a whole lot easier.

I will see if I can come up with a fix to unload the allocators in `gnutls_crypto_deinit` to solve Luke's problem

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1398#note_1074391625
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220823/9956a805/attachment.html>

More information about the Gnutls-devel mailing list