Bug 476519
| Summary: | SSL_CTX_set_cipher_list() causes Segmentation fault | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Petr Lautrbach <plautrba> | ||||
| Component: | nss_compat_ossl | Assignee: | Rob Crittenden <rcritten> | ||||
| Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 10 | CC: | rcritten, rrelyea | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2009-01-07 09:10:21 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 326978 [details]
The cipher list is supposed to be a const, don't mess with it
Committed upstream: Sending ssl.c Transmitting file data . Committed revision 68. Starting builds in Fedora. nss_compat_ossl-0.9.4-2.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/nss_compat_ossl-0.9.4-2.fc9 nss_compat_ossl-0.9.4-2.fc8 has been submitted as an update for Fedora 8. http://admin.fedoraproject.org/updates/nss_compat_ossl-0.9.4-2.fc8 nss_compat_ossl-0.9.4-2.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/nss_compat_ossl-0.9.4-2.fc10 nss_compat_ossl-0.9.4-2.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing-newkey update nss_compat_ossl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-11354 nss_compat_ossl-0.9.4-2.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update nss_compat_ossl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2008-11393 nss_compat_ossl-0.9.4-2.fc9 has been pushed to the Fedora 9 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing-newkey update nss_compat_ossl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-11399 nss_compat_ossl-0.9.4-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. nss_compat_ossl-0.9.4-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. nss_compat_ossl-0.9.4-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. |
Description of problem: src/ssl.c: int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str); calls rv = nss_parse_ciphers((char *)str, cipher_state); which tries to change memory assigned to str: src/ssl.c:203 *ciphers++ = '\0'; Version-Release number of selected component (if applicable): nss_compat_ossl-0.9.4-1.fc10 How reproducible: Steps to Reproduce: 1.call SSL_CTX_set_cipher_list(sslnfo->ctx, "RC4-SHA:RC4-MD5:NULL-SHA:EXP-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-RC4-MD5:NULL-MD5:EDH-RSA-DES-CBC-SHA:EXP-RC2-CBC-MD5:EDH-RSA-DES-CBC3-SHA:EXP-ADH-RC4-MD5:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:EXP-ADH-DES-CBC-SHA:ADH-AES256-SHA:ADH-DES-CBC-SHA:ADH-RC4-MD5:AES256-SHA:DES-CBC-SHA:DES-CBC3-SHA:ADH-DES-CBC3-SHA:AES128-SHA:ADH-AES128-SHA:eNULL:ALL") 2. 3. Actual results: Program received signal SIGSEGV, Segmentation fault. nss_parse_ciphers ( ciphers=0x498aa7 ":RC4-MD5:NULL-SHA:EXP-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-RC4-MD5:NULL-MD5:EDH-RSA-DES-CBC-SHA:EXP-RC2-CBC-MD5:EDH-RSA-DES-CBC3-SHA:EXP-ADH-RC4-MD5:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:EXP-ADH-DE"..., cipher_list=0x7fffffff85d0) at ssl.c:203 203 *ciphers++ = '\0'; (gdb) backtrace #0 nss_parse_ciphers ( ciphers=0x498aa7 ":RC4-MD5:NULL-SHA:EXP-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-RC4-MD5:NULL-MD5:EDH-RSA-DES-CBC-SHA:EXP-RC2-CBC-MD5:EDH-RSA-DES-CBC3-SHA:EXP-ADH-RC4-MD5:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:EXP-ADH-DE"..., cipher_list=0x7fffffff85d0) at ssl.c:203 #1 0x000000000011b434 in SSL_CTX_set_cipher_list (ctx=0xe505e0, str=0x498aa0 "RC4-SHA:RC4-MD5:NULL-SHA:EXP-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-RC4-MD5:NULL-MD5:EDH-RSA-DES-CBC-SHA:EXP-RC2-CBC-MD5:EDH-RSA-DES-CBC3-SHA:EXP-ADH-RC4-MD5:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:EXP"...) at ssl.c:1878 #2 0x000000000047baac in Nsock_SSL_Init () at nsock_ssl.c:112 Expected results: Additional info: