Bug 1201671
| Summary: | self test fails in FIPS140-2 mode when run under address sanitizer | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Nikos Mavrogiannopoulos <nmavrogi> |
| Component: | gnutls | Assignee: | Nikos Mavrogiannopoulos <nmavrogi> |
| Status: | CLOSED ERRATA | QA Contact: | Stanislav Zidek <szidek> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.1 | CC: | tmraz |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | gnutls-3.3.22-1.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-11-04 00:58:33 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2218.html |
Description of problem: When running gnutls in FIPS140-2 mode under address sanitizer it will report: ==3990==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000409f89 at pc 0x7f2604585a9a bp 0x7ffdf3a05220 sp 0x7ffdf3a049c8 READ of size 8 at 0x000000409f89 thread T0 #0 0x7f076da20a99 (/lib64/libasan.so.1+0x2fa99) #1 0x7f076d2be1b5 in nettle_cbc_decrypt /home/nmavrogi/cvs/nettle/cbc.c:85 #2 0x7f076d741597 in _cbc_decrypt /home/nmavrogi/cvs/gnutls/lib/nettle/cipher.c:118 #3 0x7f076d742655 in wrap_nettle_cipher_decrypt /home/nmavrogi/cvs/gnutls/lib/nettle/cipher.c:534 #4 0x40213b in test_cipher ../../lib/crypto-selftests.c:388 #5 0x4055b7 in gnutls_cipher_self_test ../../lib/crypto-selftests.c:840 #6 0x401b24 in main /home/nmavrogi/cvs/gnutls/tests/slow/cipher-test.c:43 #7 0x3a1d81ffdf in __libc_start_main (/lib64/libc.so.6+0x3a1d81ffdf) #8 0x401bb4 (/home/nmavrogi/cvs/gnutls/tests/slow/cipher-test+0x401bb4) The issue is because the 3DES self-test is encrypting 16 bytes instead of the provided 8, meaning it would try to read 16 bytes from a memory address that holds 8. That was fixed in: https://gitlab.com/gnutls/gnutls/commit/bd2dc8e8cdbc2a1d4db2b25b7defd31b43f03c07 How reproducible: Compile gnutls with address sanitizer and run the test suite. Additional info: The issue should not typically affect systems not running under the sanitizer.