Bug 473781
| Summary: | m2crypto occasionally causes python to segfault | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Dan Kenigsberg <danken> |
| Component: | m2crypto | Assignee: | Miloslav Trmač <mitr> |
| Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE <qe-baseos-auto> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 5.3 | CC: | ovirt-maint |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2008-12-04 22:45:17 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Dan Kenigsberg
2008-11-30 15:30:49 UTC
Thanks for your report. The bug describes segfaults caused by loading public key (without the private exponent) and using it in one of the RSA methods, which implies a call to RSA.check_key (RSA_check_key). This crashes because it attempts to access the private exponent, which is NULL. The current upstream fix changes the API (see https://bugzilla.osafoundation.org/show_bug.cgi?id=12465 ), so it is unusable for RHEL5. AFAICS this crash is entirely deterministic and not security related. If the segmentation faults were "occasional", this change is probably not relevant to your problem. As long as we are guessing, the following CHANGES entry is another option: > - Prevent Connection.makefile from freeing bio redundantly, by Thomas Uram but it would be much better to know the cause of the crashes for certain. I'm inclined to close this bug WONTFIX - have I overlooked a reason not to? |