Bug 1706104 - openssl asn1parse crashes with double free or corruption (!prev)
Summary: openssl asn1parse crashes with double free or corruption (!prev)
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: openssl
Version: 8.0
Hardware: Unspecified
OS: Unspecified
Priority: low
Severity: low
Target Milestone: rc
Target Release: 8.0
Assignee: Tomas Mraz
QA Contact: bsmejkal
URL:
Whiteboard:
Depends On: 1643026
Blocks:
Reported: 2019-05-03 14:39 UTC by Ivan Nikolchev
Modified: 2020-11-14 11:08 UTC (History)

Fixed In Version: openssl-1.1.1b-3.el8
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-11-05 22:40:19 UTC
Type: Bug
Target Upstream Version:
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:3700 0 None None None 2019-11-05 22:40:43 UTC

Description Ivan Nikolchev 2019-05-03 14:39:22 UTC
Description of problem:
When you try to parse the output from openssl pkcs12 with openssl asn1parse it crashes with "double free or corruption (!prev)"

Version-Release number of selected component (if applicable):
openssl-1.1.1-8.el8.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Create certificate
* openssl req -x509 -newkey rsa -keyout key.pem -out cert.pem -nodes -subj '/CN=localhost'

2. Create pkcs12 file
* openssl pkcs12 -export -out outfile.p12 -inkey key.pem -in cert.pem

3. Parse that output file with openssl pkcs12
* openssl pkcs12 -in outfile.p12 -nodes -nocerts > newfile

4. Find the offset you want to parse and parse it with openssl asn1parse
* openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22

Actual results:
# openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22
    0:d=0  hl=4 l=1187 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=4 l= 257 prim: INTEGER           :B955CDA088C47B504990181E18BAAB8954356F37A301F6FE34346923D02673327A806FFF47A6FF6325AB64D2A200E51F893DAC599C5132350D696D38747388883D7276DBB62175F1E3210B5F5D8C9100CDD79E95310CC1951822D2F4AAE92F9F86619AF3918C03E75A48BEB0989F50B8A18986EAC14B2703FC3B1CC800274C738AA2666417A468D1FD3B0187D04F3B688402161BA5D8A381F88F88DB6A25FEE8C30130B8696C0904BCB122A2C359F39DA3AA8C86EF922F0438FE3052BCB5A934051B30B009195513C4E85DBCEFD05231B9AEA50FC1D4877F1F5181FFE62D2BFC4806F69E426A79E5C81730D52867C5CE8F761E54C3A303D0DCA641466B52A635
  268:d=1  hl=2 l=   3 prim: INTEGER           :010001
  273:d=1  hl=4 l= 256 prim: INTEGER           :
  533:d=1  hl=3 l= 129 prim: INTEGER           :E2B3C46D53AAE5141AF34669AD6714FBFBF6751D2EB3BDC6B0F44D437C83BD8C07BF4F58E998A113C6870E830EF0D8C3B980A4B722CEAF7D3F6D08B03FEEC11A3F8AE32BB3C1447C12479B8F4527E33B19A60198BBF412BE46C33C8E038453E4647968F8C19E3BB021A118F5B78D3D0E3530DC0F42BB7A4E8F6567A8D1E97E9D
  665:d=1  hl=3 l= 129 prim: INTEGER           :D149720DCAE82ABBEFF6809CA44A77A4321F54FB982B633A41555ADEF462A12B1D6E88A5EA7B2DBFF06B68BB33C1912891798F41D98CFCD5FD67A3151B660C471413F531B6DFC53D79A59145FDBB4B52E052C8AA41557C679353910481E81D5828EF9ACF04548D4C4D83074207DE9228F91C3481DAC09D6BAF520D02668CA679
  797:d=1  hl=3 l= 128 prim: INTEGER           :27114FC27F6EADF79F0559971098F916CBBF1743A62EB77FAC330DB59999A26AA55324BB6FD62BBC1AB45F9DDA4F4B2BBFA619BCADB4ECAD2AE7015E4E4638E4EB1A6637BBCC8C9ECD0FA611349BC11F08368183EEB00B22DB52FDF68348A4A4716432E0DB8D07403D2B63FFC45804B3941B0D715BD0AF2D26AD150614D6A649
  928:d=1  hl=3 l= 129 prim: INTEGER           :9E354D38CBF871C59C82D57A945F8ECDDAEE008A28E033A4A81AE414C2DD8444597D6363393C60BB45FD8C3067D19DEFF2F8D7A8C9D260974B767ABBCBF87AB388A405A8CD3B9F98F74A87E54707BCCB2BB4A8E8BB76EA124A36D3DB7A70832E4FD3C14D5952A975D2EA88240C5ADE5686EA216F4074770C1E7E82431C4E9AD1
 1060:d=1  hl=3 l= 128 prim: INTEGER           :63F6C0C8A5564792C3A1DEA60D5F1CCC24080807ECDB7E9B8C7B5CFEC352413A5AC55700BA867F963D16642A85BC7A053F8C25765004162A71C26C2F51386C6D8AE8728F86D104D26E68B99A08B10F8D4CCA05885D5FA9B4D4B50A9F6D99BA0AB6AE7BE4DF3A0150BB38893DAB135EFE8C66FA339D53393CC046FC6F5A2083E4
double free or corruption (!prev)
Aborted (core dumped)

Expected results:
Program exits successfully.

Additional info:

When run with valgrind:

valgrind openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22         
==20464== Memcheck, a memory error detector
==20464== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==20464== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==20464== Command: openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22
==20464== 
    0:d=0  hl=4 l=1187 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=4 l= 257 prim: INTEGER           :
  268:d=1  hl=2 l=   3 prim: INTEGER           :010001
  273:d=1  hl=4 l= 256 prim: INTEGER           :
  533:d=1  hl=3 l= 129 prim: INTEGER           :E2B3C46D53AAE5141AF34669AD6714FBFBF6751D2EB3BDC6B0F44D437C83BD8C07BF4F58E998A113C6870E830EF0D8C3B980A4B722CEAF7D3F6D08B03FEEC11A3F8AE32BB3C1447C12479B8F4527E33B19A60198BBF412BE46C33C8E038453E4647968F8C19E3BB021A118F5B78D3D0E3530DC0F42BB7A4E8F6567A8D1E97E9D
  665:d=1  hl=3 l= 129 prim: INTEGER           :D149720DCAE82ABBEFF6809CA44A77A4321F54FB982B633A41555ADEF462A12B1D6E88A5EA7B2DBFF06B68BB33C1912891798F41D98CFCD5FD67A3151B660C471413F531B6DFC53D79A59145FDBB4B52E052C8AA41557C679353910481E81D5828EF9ACF04548D4C4D83074207DE9228F91C3481DAC09D6BAF520D02668CA679
  797:d=1  hl=3 l= 128 prim: INTEGER           :27114FC27F6EADF79F0559971098F916CBBF1743A62EB77FAC330DB59999A26AA55324BB6FD62BBC1AB45F9DDA4F4B2BBFA619BCADB4ECAD2AE7015E4E4638E4EB1A6637BBCC8C9ECD0FA611349BC11F08368183EEB00B22DB52FDF68348A4A4716432E0DB8D07403D2B63FFC45804B3941B0D715BD0AF2D26AD150614D6A649
  928:d=1  hl=3 l= 129 prim: INTEGER           :9E354D38CBF871C59C82D57A945F8ECDDAEE008A28E033A4A81AE414C2DD8444597D6363393C60BB45FD8C3067D19DEFF2F8D7A8C9D260974B767ABBCBF87AB388A405A8CD3B9F98F74A87E54707BCCB2BB4A8E8BB76EA124A36D3DB7A70832E4FD3C14D5952A975D2EA88240C5ADE5686EA216F4074770C1E7E82431C4E9AD1
 1060:d=1  hl=3 l= 128 prim: INTEGER           :63F6C0C8A5564792C3A1DEA60D5F1CCC24080807ECDB7E9B8C7B5CFEC352413A5AC55700BA867F963D16642A85BC7A053F8C25765004162A71C26C2F51386C6D8AE8728F86D104D26E68B99A08B10F8D4CCA05885D5FA9B4D4B50A9F6D99BA0AB6AE7BE4DF3A0150BB38893DAB135EFE8C66FA339D53393CC046FC6F5A2083E4
==20464== Invalid free() / delete / delete[] / realloc()
==20464==    at 0x4C3208C: free (vg_replace_malloc.c:540)
==20464==    by 0x5167B5C: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==20464==    by 0x5171B9E: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==20464==    by 0x5171B36: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==20464==    by 0x5171F28: ASN1_item_free (in /usr/lib64/libcrypto.so.1.1.1)
==20464==    by 0x13FE27: ??? (in /usr/bin/openssl)
==20464==    by 0x156063: ??? (in /usr/bin/openssl)
==20464==    by 0x13FB39: ??? (in /usr/bin/openssl)
==20464==    by 0x5C06812: (below main) (in /usr/lib64/libc-2.28.so)
==20464==  Address 0x60179d0 is 0 bytes inside a block of size 1,192 free'd
==20464==    at 0x4C3208C: free (vg_replace_malloc.c:540)
==20464==    by 0x14021D: ??? (in /usr/bin/openssl)
==20464==    by 0x156063: ??? (in /usr/bin/openssl)
==20464==    by 0x13FB39: ??? (in /usr/bin/openssl)
==20464==    by 0x5C06812: (below main) (in /usr/lib64/libc-2.28.so)
==20464==  Block was alloc'd at
==20464==    at 0x4C30E8B: malloc (vg_replace_malloc.c:309)
==20464==    by 0x51679B9: ASN1_STRING_set (in /usr/lib64/libcrypto.so.1.1.1)
==20464==    by 0x516F7AF: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==20464==    by 0x51702AB: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==20464==    by 0x5170AC0: ASN1_item_ex_d2i (in /usr/lib64/libcrypto.so.1.1.1)
==20464==    by 0x5170B3E: ASN1_item_d2i (in /usr/lib64/libcrypto.so.1.1.1)
==20464==    by 0x13FF99: ??? (in /usr/bin/openssl)
==20464==    by 0x156063: ??? (in /usr/bin/openssl)
==20464==    by 0x13FB39: ??? (in /usr/bin/openssl)
==20464==    by 0x5C06812: (below main) (in /usr/lib64/libc-2.28.so)
==20464== 
==20464== 
==20464== HEAP SUMMARY:
==20464==     in use at exit: 1,217 bytes in 1 blocks
==20464==   total heap usage: 4,099 allocs, 4,099 frees, 173,726 bytes allocated
==20464== 
==20464== LEAK SUMMARY:
==20464==    definitely lost: 1,217 bytes in 1 blocks
==20464==    indirectly lost: 0 bytes in 0 blocks
==20464==      possibly lost: 0 bytes in 0 blocks
==20464==    still reachable: 0 bytes in 0 blocks
==20464==         suppressed: 0 bytes in 0 blocks
==20464== Rerun with --leak-check=full to see details of leaked memory
==20464== 
==20464== For counts of detected and suppressed errors, rerun with: -v
==20464== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)



I tested it with upstream OpenSSL_1_1_1-stable branch and it looks like it is fixed there.

Comment 4 bsmejkal 2019-06-25 07:52:47 UTC
Reproducing bug:

Build tested:
openssl-1.1.1-8.el8.x86_64

Steps:
1) # openssl req -x509 -newkey rsa -keyout key.pem -out cert.pem -nodes -subj '/CN=localhost'
Generating a RSA private key
.+++++
............................................+++++
writing new private key to 'key.pem'
-----

2) # openssl pkcs12 -export -out outfile.p12 -inkey key.pem -in cert.pem
Enter Export Password:
Verifying - Enter Export Password:

3) # openssl pkcs12 -in outfile.p12 -nodes -nocerts > newfile
Enter Import Password:

4) # openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22
    0:d=0  hl=4 l=1187 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=4 l= 257 prim: INTEGER           :
  268:d=1  hl=2 l=   3 prim: INTEGER           :010001
  273:d=1  hl=4 l= 256 prim: INTEGER           :707B10EBF92AF5C7CA457B5339539A9DBE0D1F37354E9E9923796C63BE050A0DFDFA2706F2F03B95C356D9446564724F465FB7366973EFCE012007A216962F1E1432704F83E49F617186664070FC94633A89A7148DBD0374410E5FCF3A1F4B0CD46CA1D3B42C12D0AFE25CD8ED762CE8FBCEE48F6F4085EB30804D611BADDCD2D3E2FE568F569164029884186823CF96D2AE7AE1F3F88B41C86903C55C6570F9C1027319FA4930227B248CC67C8378784F78D97F909C440AA03156FF288B8F7B43B1BE6153BC40607FC5AB7D4E5289295839EA552DFE9B01249542905DE3E85D7644B2BD990AE04F2EA82C859B29E8C82AE98BEB170AC0B5D9F88DFCE39AC8E1
  533:d=1  hl=3 l= 129 prim: INTEGER           :E39D049E8F89BD4DE0DC1F5545E13157D938B3EA5F14104152F1925FDF740903468802B8DD741CF6687DF270245F14389BFD056FCA133365CC73573A5DCF94CF3A3399404B672117188699FEB0D80D2BE89E78D3BF71644B578A1804C425B2835006B9A92B2B554602BEC2B11F4857F96EDD3A1A6B8908A5DD8BEADFCA6ED76D
  665:d=1  hl=3 l= 129 prim: INTEGER           :D811AA28C83ED0ACD44EF6569947DD68161C0C3D7B8F0B776F066D67A02E3C5458866481200F8D1A36827ACCCED5CF858CFF1E94A9B0CA246F373EDEE50F2473D20CDAEB531D15885B23B7B56B8F0269928EE53F9A56617F9875C79AF328B4CCE5EBDC5671DD3C3D5A287CEE79C3F18F5C8FBA3293B25745BB72AECFE61545DB
  797:d=1  hl=3 l= 129 prim: INTEGER           :C5924B2B335F15621F58131E9ACCB15F16DFC0542579ADEE7607D8CDBD91E42CE2B136E3AEDE9631515C59EFFBB24844272AC6E85558BB5996D15B9AFF492B5B81A2BE58EFDAB1FF713B8D3A65D8F3FDF42A72A922D9537C8E9D00E24A3C8AAAAEF157813F469AFB6D709660D6CD9E0796B3133751B69E3A1387DB35AC6AF035
  929:d=1  hl=3 l= 128 prim: INTEGER           :39510E4B7D3B348DF44FF206ECE864725D1319A821A3C38DEE34CD46E4F5FEE8FD06C1988351BCC38C5C368928010DE8C68B52A86B0F4BC038847638189958B924AA6654709AD1807774D521DA2378A75ACA6F43DD04371EEAE9AB868E246939C57038E5F194978B4AE45CA7C243594C0768D522DF8D3A9B73EB2B365939A16B
 1060:d=1  hl=3 l= 128 prim: INTEGER           :4D6D32CF0820432A7B030FE32E6F1EBE0225DB8BF25CBAF94BEFE8DF1CB7F1E0E984A0141F9EAE67F8F34D068888D87287679C5EDA5E134B9EE27735EB741D41F23B469B893797BFDB51DDBA824433DEC5007B3CBC002A2E7B8825549D87FA798FBBD23F0C6EC234B20A202DF709C6DD4D7ECFF58C31C2236CB991FF7EE4ADB1
double free or corruption (!prev)
Aborted (core dumped)

5) Checking with valgrind

# valgrind openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22

==6483== Memcheck, a memory error detector
==6483== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==6483== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==6483== Command: openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22
==6483== 
    0:d=0  hl=4 l=1187 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=4 l= 257 prim: INTEGER           :
  268:d=1  hl=2 l=   3 prim: INTEGER           :010001
  273:d=1  hl=4 l= 256 prim: INTEGER           :
  533:d=1  hl=3 l= 129 prim: INTEGER           :E39D049E8F89BD4DE0DC1F5545E13157D938B3EA5F14104152F1925FDF740903468802B8DD741CF6687DF270245F14389BFD056FCA133365CC73573A5DCF94CF3A3399404B672117188699FEB0D80D2BE89E78D3BF71644B578A1804C425B2835006B9A92B2B554602BEC2B11F4857F96EDD3A1A6B8908A5DD8BEADFCA6ED76D
  665:d=1  hl=3 l= 129 prim: INTEGER           :D811AA28C83ED0ACD44EF6569947DD68161C0C3D7B8F0B776F066D67A02E3C5458866481200F8D1A36827ACCCED5CF858CFF1E94A9B0CA246F373EDEE50F2473D20CDAEB531D15885B23B7B56B8F0269928EE53F9A56617F9875C79AF328B4CCE5EBDC5671DD3C3D5A287CEE79C3F18F5C8FBA3293B25745BB72AECFE61545DB
  797:d=1  hl=3 l= 129 prim: INTEGER           :C5924B2B335F15621F58131E9ACCB15F16DFC0542579ADEE7607D8CDBD91E42CE2B136E3AEDE9631515C59EFFBB24844272AC6E85558BB5996D15B9AFF492B5B81A2BE58EFDAB1FF713B8D3A65D8F3FDF42A72A922D9537C8E9D00E24A3C8AAAAEF157813F469AFB6D709660D6CD9E0796B3133751B69E3A1387DB35AC6AF035
  929:d=1  hl=3 l= 128 prim: INTEGER           :39510E4B7D3B348DF44FF206ECE864725D1319A821A3C38DEE34CD46E4F5FEE8FD06C1988351BCC38C5C368928010DE8C68B52A86B0F4BC038847638189958B924AA6654709AD1807774D521DA2378A75ACA6F43DD04371EEAE9AB868E246939C57038E5F194978B4AE45CA7C243594C0768D522DF8D3A9B73EB2B365939A16B
 1060:d=1  hl=3 l= 128 prim: INTEGER           :4D6D32CF0820432A7B030FE32E6F1EBE0225DB8BF25CBAF94BEFE8DF1CB7F1E0E984A0141F9EAE67F8F34D068888D87287679C5EDA5E134B9EE27735EB741D41F23B469B893797BFDB51DDBA824433DEC5007B3CBC002A2E7B8825549D87FA798FBBD23F0C6EC234B20A202DF709C6DD4D7ECFF58C31C2236CB991FF7EE4ADB1
==6483== Invalid free() / delete / delete[] / realloc()
==6483==    at 0x4C3208C: free (vg_replace_malloc.c:540)
==6483==    by 0x5167B5C: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x5171B9E: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x5171B36: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x5171F28: ASN1_item_free (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x13FE27: ??? (in /usr/bin/openssl)
==6483==    by 0x156063: ??? (in /usr/bin/openssl)
==6483==    by 0x13FB39: ??? (in /usr/bin/openssl)
==6483==    by 0x5C06812: (below main) (in /usr/lib64/libc-2.28.so)
==6483==  Address 0x60169d0 is 0 bytes inside a block of size 1,192 free'd
==6483==    at 0x4C3208C: free (vg_replace_malloc.c:540)
==6483==    by 0x14021D: ??? (in /usr/bin/openssl)
==6483==    by 0x156063: ??? (in /usr/bin/openssl)
==6483==    by 0x13FB39: ??? (in /usr/bin/openssl)
==6483==    by 0x5C06812: (below main) (in /usr/lib64/libc-2.28.so)
==6483==  Block was alloc'd at
==6483==    at 0x4C30E8B: malloc (vg_replace_malloc.c:309)
==6483==    by 0x51679B9: ASN1_STRING_set (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x516F7AF: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x51702AB: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x5170AC0: ASN1_item_ex_d2i (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x5170B3E: ASN1_item_d2i (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x13FF99: ??? (in /usr/bin/openssl)
==6483==    by 0x156063: ??? (in /usr/bin/openssl)
==6483==    by 0x13FB39: ??? (in /usr/bin/openssl)
==6483==    by 0x5C06812: (below main) (in /usr/lib64/libc-2.28.so)
==6483== 
==6483== 
==6483== HEAP SUMMARY:
==6483==     in use at exit: 1,217 bytes in 1 blocks
==6483==   total heap usage: 4,099 allocs, 4,099 frees, 173,726 bytes allocated
==6483== 
==6483== LEAK SUMMARY:
==6483==    definitely lost: 1,217 bytes in 1 blocks
==6483==    indirectly lost: 0 bytes in 0 blocks
==6483==      possibly lost: 0 bytes in 0 blocks
==6483==    still reachable: 0 bytes in 0 blocks
==6483==         suppressed: 0 bytes in 0 blocks
==6483== Rerun with --leak-check=full to see details of leaked memory
==6483== 
==6483== For counts of detected and suppressed errors, rerun with: -v
==6483== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)



Verify on new version:

Build tested:
openssl-1.1.1c-1.el8.x86_64

Distro:
redhat-release-8.1-3.0.el8.x86_64

Steps:
1) # openssl req -x509 -newkey rsa -keyout key.pem -out cert.pem -nodes -subj '/CN=localhost'
Generating a RSA private key
...............................................................................+++++
......................+++++
writing new private key to 'key.pem'
-----

2) # openssl pkcs12 -export -out outfile.p12 -inkey key.pem -in cert.pem
Enter Export Password:
Verifying - Enter Export Password:

3) # openssl pkcs12 -in outfile.p12 -nodes -nocerts > newfile
Enter Import Password:

4) # openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22
    0:d=0  hl=4 l=1188 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=4 l= 257 prim: INTEGER           :
  268:d=1  hl=2 l=   3 prim: INTEGER           :010001
  273:d=1  hl=4 l= 256 prim: INTEGER           :3E67D2898E815B9F6CCF3630F7C47464230A852A139011D8857549F6D19E03DFCB2EA9770DB63F6289EE4E3A68FE4F354CF372AD9BE9CE81EC98185A82AA3EEC459DF149783581E7D40581D0003FA2BC4A2105626390DA6A3AE9A0217D9E578128D51C459946EE4FE4EDFBEB0EC0FFB2C037C1BCF0B5202D25511324F1DA0671A76F4976A4ED1752C72CCD7AA50F9BB423899E5956EDD57EBB3A2C0779EDFEA12E06A660563D29A1157DCF44757C8AFC3B65414F96694D7D8662867744626C361AF31E2D063F7B9D525035F70962684C619284FD4B5885977F1BD916C804F6D688B8C94B54155856D7BEDE393E6F90DC2A87CED9DEFD0E9A63DD081CC6705B89
  533:d=1  hl=3 l= 129 prim: INTEGER           :FD1A74704E81F2F43C8C4F5CD31177A4977C5DB7A04B1E71DFC9380BE75A1E7C10308EAAA08D87B8042B43876EF3E07C8741AA2BB9590D650AC4FD8CAE571A7098F40B111160EE53DB16B24962E95E8B1A06A7A14069EFDDB1067272887B7E06CFA81174BEBCAD28A95CC8D55476DBE71EEC4FF609D7D7AE4D28E55B526B7987
  665:d=1  hl=3 l= 129 prim: INTEGER           :CA091FF70848179793B020B74C042935AE9B3B963668A06343C3CBFAD6264352ABD8B1C74ECDDB3481FDA5D020FAA659A852A62178A8D0B1C3A4BBE2D5FB629749ADCEF2630933DFF2CEA90037FBA2E81AC00821155D54C6FFED208F8B7E32893CA3F9DAE0D8BACCA9DB570050094FF5B246029CA93C2F9152A3BE6A30F03D05
  797:d=1  hl=3 l= 129 prim: INTEGER           :BA4A777B95FD45C288B24953AC330619CA3A0A8CB659B3FDE2D62AFF6FF83FC9D6ECB6855608F5E4F684957EA0A6B60B524E7D9F131C3DA4AA4995C9AF24835C6EE7E92155E63F64CF342463A97ED54C930A64E56610D3311C33FF96D767F5B9B3AC23B50712BE6CD84367BAC5217AF7E125D430E6CBCC7F0961D976DEF2260F
  929:d=1  hl=3 l= 129 prim: INTEGER           :9A733159939E3152F257A21B1E64CBF03B0477201586149EEE2E1FA129D7647E2DDB61C5212C645896CB86D83E6DFF7FE91B0DDFE6B2FF9FF615D880C7DEFEF6F31F896669699E9BA4AE722A35A20C5EEE1C41DAB0CF81C103E38E91CE2CF28B51AD7593EB722413D402575768D845A569DCF5A0380C47BD0BF51BDB68802FD5
 1061:d=1  hl=3 l= 128 prim: INTEGER           :263F65564D8AEE9719CD74467C3161400925ED7395D4FB6E0DBDEA3CB85F48D0A948758473275DCA32E5310715AD4B9016728CA7309EA3EB641FC4D6CF70D6BB3437F333480F658DB8431B4234F904083BFDDA3EA094A81124A4C1CF593AEB711BC52E88C5F1461143CA47FF70F1CB9349E108A5749BF2A321F1E470D30DEB96

5) Checking with valgrind
# valgrind openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22

==5059== Memcheck, a memory error detector
==5059== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==5059== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==5059== Command: openssl asn1parse -in newfile -inform PEM -strictpem -strparse 22
==5059== 
    0:d=0  hl=4 l=1188 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=4 l= 257 prim: INTEGER           :
  268:d=1  hl=2 l=   3 prim: INTEGER           :010001
  273:d=1  hl=4 l= 256 prim: INTEGER           :3E67D2898E815B9F6CCF3630F7C47464230A852A139011D8857549F6D19E03DFCB2EA9770DB63F6289EE4E3A68FE4F354CF372AD9BE9CE81EC98185A82AA3EEC459DF149783581E7D40581D0003FA2BC4A2105626390DA6A3AE9A0217D9E578128D51C459946EE4FE4EDFBEB0EC0FFB2C037C1BCF0B5202D25511324F1DA0671A76F4976A4ED1752C72CCD7AA50F9BB423899E5956EDD57EBB3A2C0779EDFEA12E06A660563D29A1157DCF44757C8AFC3B65414F96694D7D8662867744626C361AF31E2D063F7B9D525035F70962684C619284FD4B5885977F1BD916C804F6D688B8C94B54155856D7BEDE393E6F90DC2A87CED9DEFD0E9A63DD081CC6705B89
  533:d=1  hl=3 l= 129 prim: INTEGER           :FD1A74704E81F2F43C8C4F5CD31177A4977C5DB7A04B1E71DFC9380BE75A1E7C10308EAAA08D87B8042B43876EF3E07C8741AA2BB9590D650AC4FD8CAE571A7098F40B111160EE53DB16B24962E95E8B1A06A7A14069EFDDB1067272887B7E06CFA81174BEBCAD28A95CC8D55476DBE71EEC4FF609D7D7AE4D28E55B526B7987
  665:d=1  hl=3 l= 129 prim: INTEGER           :CA091FF70848179793B020B74C042935AE9B3B963668A06343C3CBFAD6264352ABD8B1C74ECDDB3481FDA5D020FAA659A852A62178A8D0B1C3A4BBE2D5FB629749ADCEF2630933DFF2CEA90037FBA2E81AC00821155D54C6FFED208F8B7E32893CA3F9DAE0D8BACCA9DB570050094FF5B246029CA93C2F9152A3BE6A30F03D05
  797:d=1  hl=3 l= 129 prim: INTEGER           :BA4A777B95FD45C288B24953AC330619CA3A0A8CB659B3FDE2D62AFF6FF83FC9D6ECB6855608F5E4F684957EA0A6B60B524E7D9F131C3DA4AA4995C9AF24835C6EE7E92155E63F64CF342463A97ED54C930A64E56610D3311C33FF96D767F5B9B3AC23B50712BE6CD84367BAC5217AF7E125D430E6CBCC7F0961D976DEF2260F
  929:d=1  hl=3 l= 129 prim: INTEGER           :9A733159939E3152F257A21B1E64CBF03B0477201586149EEE2E1FA129D7647E2DDB61C5212C645896CB86D83E6DFF7FE91B0DDFE6B2FF9FF615D880C7DEFEF6F31F896669699E9BA4AE722A35A20C5EEE1C41DAB0CF81C103E38E91CE2CF28B51AD7593EB722413D402575768D845A569DCF5A0380C47BD0BF51BDB68802FD5
 1061:d=1  hl=3 l= 128 prim: INTEGER           :263F65564D8AEE9719CD74467C3161400925ED7395D4FB6E0DBDEA3CB85F48D0A948758473275DCA32E5310715AD4B9016728CA7309EA3EB641FC4D6CF70D6BB3437F333480F658DB8431B4234F904083BFDDA3EA094A81124A4C1CF593AEB711BC52E88C5F1461143CA47FF70F1CB9349E108A5749BF2A321F1E470D30DEB96
==5059== 
==5059== HEAP SUMMARY:
==5059==     in use at exit: 0 bytes in 0 blocks
==5059==   total heap usage: 4,136 allocs, 4,136 frees, 174,699 bytes allocated
==5059== 
==5059== All heap blocks were freed -- no leaks are possible
==5059== 
==5059== For lists of detected and suppressed errors, rerun with: -s
==5059== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)



Bug is fixed, marking as Verified SanityOnly.
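
Added example (not part of the bug report and not OpenSSL or Red Hat code): a Python triage helper for Memcheck logs like the ones quoted above. For each "Invalid free()" record it reports which function allocated the block and which two call paths freed it. The log excerpts are abridged from the traces in this report; the names `triage`, `parse_invalid_frees`, `first_named` and `caller_object` are hypothetical.

```python
import re

# Abridged from the Memcheck trace quoted in this report (vulnerable build).
VULNERABLE_LOG = """\
==6483== Invalid free() / delete / delete[] / realloc()
==6483==    at 0x4C3208C: free (vg_replace_malloc.c:540)
==6483==    by 0x5167B5C: ??? (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x5171F28: ASN1_item_free (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x13FE27: ??? (in /usr/bin/openssl)
==6483==  Address 0x60169d0 is 0 bytes inside a block of size 1,192 free'd
==6483==    at 0x4C3208C: free (vg_replace_malloc.c:540)
==6483==    by 0x14021D: ??? (in /usr/bin/openssl)
==6483==    by 0x156063: ??? (in /usr/bin/openssl)
==6483==  Block was alloc'd at
==6483==    at 0x4C30E8B: malloc (vg_replace_malloc.c:309)
==6483==    by 0x51679B9: ASN1_STRING_set (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x5170B3E: ASN1_item_d2i (in /usr/lib64/libcrypto.so.1.1.1)
==6483==    by 0x13FF99: ??? (in /usr/bin/openssl)
==6483== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
"""
# Abridged from the trace of the fixed build in the same comment.
FIXED_LOG = """\
==5059== All heap blocks were freed -- no leaks are possible
==5059== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
"""

FRAME = re.compile(r"^\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+?) \((?:in )?([^)]+)\)$")
BLOCK = re.compile(r"Address (0x[0-9a-f]+) is \d+ bytes inside a block of size ([\d,]+) free'd")

def parse_invalid_frees(log):
    """Return one record per Memcheck 'Invalid free()' error, with its three stacks."""
    records, current, section = [], None, None
    for raw in log.splitlines():
        line = re.sub(r"^==\d+== ?", "", raw)        # drop the ==PID== prefix
        if line.startswith("Invalid free()"):
            current = {"second_free": [], "first_free": [], "alloc": []}
            records.append(current)
            section = "second_free"                   # stack of the offending free
        elif current is not None and (m := BLOCK.search(line)):
            current["address"] = m.group(1)
            current["size"] = int(m.group(2).replace(",", ""))
            section = "first_free"                    # stack that freed the block earlier
        elif current is not None and "Block was alloc'd at" in line:
            section = "alloc"
        elif current is not None and (m := FRAME.match(line)):
            current[section].append((m.group(1), m.group(2)))
        elif not line.strip() or not line.startswith(" "):
            current = None                            # blank line or new header ends the record
    return records

def first_named(frames):
    """First frame with a symbol, skipping Valgrind's malloc/free wrappers."""
    for func, obj in frames:
        if func != "???" and not obj.startswith("vg_replace_malloc"):
            return func
    return None

def caller_object(frames):
    """Object (binary or library) whose code called the allocator wrapper directly."""
    return frames[1][1] if len(frames) > 1 else None

def triage(log):
    """Summarise each double free: who allocated the block and who freed it twice."""
    findings = []
    for rec in parse_invalid_frees(log):
        if "address" not in rec:
            continue                                  # not a free of an already freed block
        first, second = caller_object(rec["first_free"]), caller_object(rec["second_free"])
        findings.append({
            "address": rec["address"], "size": rec["size"],
            "allocated_by": first_named(rec["alloc"]),
            "first_free_from": first,
            "second_free_via": first_named(rec["second_free"]),
            # Frees issued from two different objects: two owners for one buffer.
            "ownership_conflict": first != second,
        })
    return findings
```

On the vulnerable trace this shows a block allocated inside libcrypto by ASN1_STRING_set, freed once directly from /usr/bin/openssl and a second time through ASN1_item_free; on the fixed trace it returns no findings.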

Comment 5 Alicja Kario 2019-07-09 13:06:52 UTC
In general, we create automated test cases in beaker and link them to TCMS test plan.

Will you do that?

Comment 6 bsmejkal 2019-07-09 14:27:42 UTC
Hi,
I verified it manually and then found out you want everything automated, if it's possible. 
I have the test ready, will update links ASAP.

Comment 10 errata-xmlrpc 2019-11-05 22:40:19 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:3700

