Bug 2023671
| Summary: | EVP_PKEY_new_raw_private_key with too short key corrupts memory | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Petr Menšík <pemensik> |
| Component: | openssl | Assignee: | Dmitry Belyavskiy <dbelyavs> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 36 | CC: | crypto-team, dbelyavs, mspacek, mturk, sahana, tm |
| Target Milestone: | --- | Keywords: | Triaged |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-03-28 13:04:11 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This bug appears to have been reported against 'rawhide' during the Fedora 36 development cycle. Changing version to 36. As we successfully rebased to 3.0.2 where the fix is included, it should be fixed. |
Description of problem: When I tried to enable strongswan package testsuite on Rawhide, it fails also on test it does not fail on f35. Reported it upstream and they confirmed it is bug in OpenSSL. Can the fix be backported? I could start testsuite runs during builds if every test always passes. Version-Release number of selected component (if applicable): openssl-3.0.0-1.fc36 How reproducible: reliable Steps to Reproduce: 1. Use test program below 2. Run it on openssl 3.0 3. Actual results: Crashes Expected results: Should just return null and end in a normal way. Additional info: // compile by: gcc -Wall -g test.c -o test $(pkg-config --libs --cflags openssl) #include <openssl/evp.h> int main(int argc, char *argv[]) { unsigned char data[] = { 234, }; EVP_PKEY *p; p = EVP_PKEY_new_raw_private_key(NID_ED25519, NULL, data, 1 /*sizeof(data)*/); printf("PKEY: %p\n", p); return 0; }