# echo -n passwd| nettle-pbkdf2 -i 1 -l 16 [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
Which version do you use? I am getting usage in 3.6.1 as SALT parameter is missing.
On Wed, Apr 10, 2019 at 6:19 AM Yu, Mingli mingli.yu@windriver.com wrote:
# echo -n passwd| nettle-pbkdf2 -i 1 -l 16 [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault _______________________________________________ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
On 2019年04月10日 12:31, Alon Bar-Lev wrote:
Which version do you use?
The version is 3.4.1.
I am getting usage in 3.6.1 as SALT parameter is missing.
On Wed, Apr 10, 2019 at 6:19 AM Yu, Mingli <mingli.yu@windriver.com mailto:mingli.yu@windriver.com> wrote:
# echo -n passwd| nettle-pbkdf2 -i 1 -l 16 [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault _______________________________________________ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se <mailto:nettle-bugs@lists.lysator.liu.se> http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
On 2019年04月10日 12:31, Alon Bar-Lev wrote:
Which version do you use? I am getting usage in 3.6.1 as SALT parameter is missing.
BTW, I noticed the latest nettle is 3.4.1 at http://ftp.gnu.org/gnu/nettle/, where do you get the version 3.6.1?
Thanks,
On Wed, Apr 10, 2019 at 6:19 AM Yu, Mingli <mingli.yu@windriver.com mailto:mingli.yu@windriver.com> wrote:
# echo -n passwd| nettle-pbkdf2 -i 1 -l 16 [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault _______________________________________________ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se <mailto:nettle-bugs@lists.lysator.liu.se> http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
"Yu, Mingli" mingli.yu@windriver.com writes:
# echo -n passwd| nettle-pbkdf2 -i 1 -l 16 [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
I can't reproduce this crash. Gives me a usage message, and if I add a salt argument, I get a hex digest out, as expected. Which version and platform are you using?
Can you get a backtrace? (start "gdb nettle-pbkdf2", at the gdb prompt type "run -i 1 -l 16", if it crashes, type "bt" for backtrace).
Regards, /Niels
On 2019年04月10日 13:02, Niels Möller wrote:
"Yu, Mingli" mingli.yu@windriver.com writes:
# echo -n passwd| nettle-pbkdf2 -i 1 -l 16 [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
I can't reproduce this crash. Gives me a usage message, and if I add a salt argument, I get a hex digest out, as expected. Which version and platform are you using?
It's 3.4.1 and I did use it as below: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt
Can you get a backtrace? (start "gdb nettle-pbkdf2", at the gdb prompt
I don't know how to use nettle-pbkdf2 actually and it didn't return when I run as below: # nettle-pbkdf2 -i 1 -l 16 salt
But instead, it can return at once as below with Segmentation fault, but not succeeded to use gdb to run with below command: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt
type "run -i 1 -l 16", if it crashes, type "bt" for backtrace).
Regards, /Niels
"Yu, Mingli" mingli.yu@windriver.com writes:
It's 3.4.1 and I did use it as below: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt
That's the latest version.
Can you get a backtrace? (start "gdb nettle-pbkdf2", at the gdb prompt
I don't know how to use nettle-pbkdf2 actually and it didn't return when I run as below: # nettle-pbkdf2 -i 1 -l 16 salt
Sorry, it wants to read the input password on stdin. Try echo foo > /tmp/foo, and then start it in gdb as
run nettle-pbkdf2 -i 1 -l 16 salt < /tmp/foo
What kind of machine, operating system, and compiler are you using? Since the testsuite passes on the test systems (including x86_64 and cross-compile setup for arm and mips), I imagine it's something somewhat unusual.
Regards, /Niels
On 2019年04月10日 14:25, Niels Möller wrote:
"Yu, Mingli" mingli.yu@windriver.com writes:
It's 3.4.1 and I did use it as below: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt
That's the latest version.
Can you get a backtrace? (start "gdb nettle-pbkdf2", at the gdb prompt
I don't know how to use nettle-pbkdf2 actually and it didn't return when I run as below: # nettle-pbkdf2 -i 1 -l 16 salt
Sorry, it wants to read the input password on stdin. Try echo foo > /tmp/foo, and then start it in gdb as
run nettle-pbkdf2 -i 1 -l 16 salt < /tmp/foo
# echo -n passwd|nettle-pbkdf2 -i 1 -l 16 salt [77641.250170] nettle-pbkdf2[806]: segfault at ffffffffcb811260 ip 00007f4c115fd998 sp 00007ffc5a7f38d0 error 5 in libnettle.so.6.5[7f4c115eb] [77641.250574] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
# echo -n passwd > /tmp/passwd # gdb nettle-pbkdf2 GNU gdb (GDB) 8.2.1 Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-wrs-linux". Type "show configuration" for configuration details. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/. Find the GDB manual and other documentation resources online at: http://www.gnu.org/software/gdb/documentation/.
For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from nettle-pbkdf2...(no debugging symbols found)...done. (gdb) run nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd Starting program: /usr/bin/nettle-pbkdf2 nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd Usage: nettle-pbkdf2 [OPTIONS] SALT Options: --help Show this help. -V, --version Show version information. -i, --iterations=COUNT Desired iteration count (default 10000). -l, --length=LENGTH Desired output length (octets, default 16) --raw Raw binary output. --hex-salt Use hex encoding for the salt. [Inferior 1 (process 793) exited with code 01] (gdb) quit
# cat /tmp/passwd passwd
What kind of machine, operating system, and compiler are you using? Since the testsuite passes on the test systems (including x86_64 and
I work on x86_64 and use gcc for compiler.
cross-compile setup for arm and mips), I imagine it's something somewhat unusual.
Regards, /Niels
On 2019年04月10日 14:37, Yu, Mingli wrote:
On 2019年04月10日 14:25, Niels Möller wrote:
"Yu, Mingli" mingli.yu@windriver.com writes:
It's 3.4.1 and I did use it as below: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt
That's the latest version.
Can you get a backtrace? (start "gdb nettle-pbkdf2", at the gdb prompt
I don't know how to use nettle-pbkdf2 actually and it didn't return when I run as below: # nettle-pbkdf2 -i 1 -l 16 salt
Sorry, it wants to read the input password on stdin. Try echo foo > /tmp/foo, and then start it in gdb as
run nettle-pbkdf2 -i 1 -l 16 salt < /tmp/foo
# echo -n passwd|nettle-pbkdf2 -i 1 -l 16 salt [77641.250170] nettle-pbkdf2[806]: segfault at ffffffffcb811260 ip 00007f4c115fd998 sp 00007ffc5a7f38d0 error 5 in libnettle.so.6.5[7f4c115eb] [77641.250574] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
# echo -n passwd > /tmp/passwd # gdb nettle-pbkdf2 GNU gdb (GDB) 8.2.1 Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-wrs-linux". Type "show configuration" for configuration details. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/. Find the GDB manual and other documentation resources online at: http://www.gnu.org/software/gdb/documentation/.
For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from nettle-pbkdf2...(no debugging symbols found)...done. (gdb) run nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd Starting program: /usr/bin/nettle-pbkdf2 nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd Usage: nettle-pbkdf2 [OPTIONS] SALT Options: --help Show this help. -V, --version Show version information. -i, --iterations=COUNT Desired iteration count (default 10000). -l, --length=LENGTH Desired output length (octets, default 16) --raw Raw binary output. --hex-salt Use hex encoding for the salt. [Inferior 1 (process 793) exited with code 01] (gdb) quit
It's weird, this time I get the backstace with gdb as below:
(gdb) run -i 1 -l 16 salt < /tmp/passwd Starting program: /usr/bin/nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd
Program received signal SIGSEGV, Segmentation fault. 0x00007ffff7fad998 in nettle_sha256_update () from /usr/lib64/libnettle.so.6 (gdb) bt #0 0x00007ffff7fad998 in nettle_sha256_update () from /usr/lib64/libnettle.so.6 #1 0x00007ffff7fa9bb6 in nettle_pbkdf2 () from /usr/lib64/libnettle.so.6 #2 0x00007ffff7fa9dd3 in nettle_pbkdf2_hmac_sha256 () from /usr/lib64/libnettle.so.6 #3 0x000055555555544c in ?? () #4 0x00007ffff7dfdb6b in __libc_start_main (main=0x5555555551a0, argc=6, argv=0x7fffffffebc8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffebb8) at ../csu/libc-start.c:308 #5 0x00005555555555ba in ?? ()
# cat /tmp/passwd passwd
What kind of machine, operating system, and compiler are you using? Since the testsuite passes on the test systems (including x86_64 and
I work on x86_64 and use gcc for compiler.
cross-compile setup for arm and mips), I imagine it's something somewhat unusual.
Regards, /Niels
nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
On 2019年04月10日 14:53, Yu, Mingli wrote:
On 2019年04月10日 14:37, Yu, Mingli wrote:
On 2019年04月10日 14:25, Niels Möller wrote:
"Yu, Mingli" mingli.yu@windriver.com writes:
It's 3.4.1 and I did use it as below: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt
That's the latest version.
Can you get a backtrace? (start "gdb nettle-pbkdf2", at the gdb prompt
I don't know how to use nettle-pbkdf2 actually and it didn't return when I run as below: # nettle-pbkdf2 -i 1 -l 16 salt
Sorry, it wants to read the input password on stdin. Try echo foo > /tmp/foo, and then start it in gdb as
run nettle-pbkdf2 -i 1 -l 16 salt < /tmp/foo
# echo -n passwd|nettle-pbkdf2 -i 1 -l 16 salt [77641.250170] nettle-pbkdf2[806]: segfault at ffffffffcb811260 ip 00007f4c115fd998 sp 00007ffc5a7f38d0 error 5 in libnettle.so.6.5[7f4c115eb] [77641.250574] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
# echo -n passwd > /tmp/passwd # gdb nettle-pbkdf2 GNU gdb (GDB) 8.2.1 Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-wrs-linux". Type "show configuration" for configuration details. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/. Find the GDB manual and other documentation resources online at: http://www.gnu.org/software/gdb/documentation/.
For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from nettle-pbkdf2...(no debugging symbols found)...done. (gdb) run nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd Starting program: /usr/bin/nettle-pbkdf2 nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd Usage: nettle-pbkdf2 [OPTIONS] SALT Options: --help Show this help. -V, --version Show version information. -i, --iterations=COUNT Desired iteration count (default 10000). -l, --length=LENGTH Desired output length (octets, default 16) --raw Raw binary output. --hex-salt Use hex encoding for the salt. [Inferior 1 (process 793) exited with code 01] (gdb) quit
It's weird, this time I get the backstace with gdb as below:
(gdb) run -i 1 -l 16 salt < /tmp/passwd Starting program: /usr/bin/nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd
Program received signal SIGSEGV, Segmentation fault. 0x00007ffff7fad998 in nettle_sha256_update () from /usr/lib64/libnettle.so.6 (gdb) bt #0 0x00007ffff7fad998 in nettle_sha256_update () from /usr/lib64/libnettle.so.6 #1 0x00007ffff7fa9bb6 in nettle_pbkdf2 () from /usr/lib64/libnettle.so.6 #2 0x00007ffff7fa9dd3 in nettle_pbkdf2_hmac_sha256 () from /usr/lib64/libnettle.so.6 #3 0x000055555555544c in ?? () #4 0x00007ffff7dfdb6b in __libc_start_main (main=0x5555555551a0, argc=6, argv=0x7fffffffebc8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffebb8) at ../csu/libc-start.c:308 #5 0x00005555555555ba in ?? ()
(gdb) r -i 1 -l 16 salt < /tmp/passwd Starting program: /usr/bin/nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd
Program received signal SIGSEGV, Segmentation fault. nettle_sha256_update (ctx=0x7fffffffe5c0, length=<optimized out>, data=0x55559260 <error: Cannot access memory at address 0x55559260>) at ../nettle-3.4.1/sha256.c:99 99 ../nettle-3.4.1/sha256.c: No such file or directory. (gdb) bt #0 nettle_sha256_update (ctx=0x7fffffffe5c0, length=<optimized out>, data=0x55559260 <error: Cannot access memory at address 0x55559260>) at ../nettle-3.4.1/sha256.c:99 #1 0x00007ffff7fa9bb6 in nettle_pbkdf2 (mac_ctx=mac_ctx@entry=0x7fffffffe4e0, update=0x7ffff7fa7cb0 <nettle_hmac_sha256_update>, digest=0x7ffff7fa7cc0 <nettle_hmac_sha256_digest>, digest_size=digest_size@entry=32, iterations=iterations@entry=1, salt_length=salt_length@entry=4, salt=0x55559260 <error: Cannot access memory at address 0x55559260>, length=16, dst=0x55555555a290 "") at ../nettle-3.4.1/pbkdf2.c:78 #2 0x00007ffff7fa9dd3 in nettle_pbkdf2_hmac_sha256 ( key_length=<optimized out>, key=<optimized out>, iterations=1, salt_length=4, salt=0x55559260 <error: Cannot access memory at address 0x55559260>, length=16, dst=0x55555555a290 "") at ../nettle-3.4.1/pbkdf2-hmac-sha256.c:51 #3 0x000055555555544c in main (argc=<optimized out>, argv=<optimized out>) at ../../nettle-3.4.1/tools/nettle-pbkdf2.c:167
Seems it breaks here in sha256_update function of sha256.c MD_UPDATE (ctx, length, data, COMPRESS, ctx->count++);
# cat /tmp/passwd passwd
What kind of machine, operating system, and compiler are you using? Since the testsuite passes on the test systems (including x86_64 and
I work on x86_64 and use gcc for compiler.
cross-compile setup for arm and mips), I imagine it's something somewhat unusual.
Regards, /Niels
nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
"Yu, Mingli" mingli.yu@windriver.com writes:
Program received signal SIGSEGV, Segmentation fault. nettle_sha256_update (ctx=0x7fffffffe5c0, length=<optimized out>, data=0x55559260 <error: Cannot access memory at address 0x55559260>) at ../nettle-3.4.1/sha256.c:99 99 ../nettle-3.4.1/sha256.c: No such file or directory. (gdb) bt #0 nettle_sha256_update (ctx=0x7fffffffe5c0, length=<optimized out>, data=0x55559260 <error: Cannot access memory at address 0x55559260>) at ../nettle-3.4.1/sha256.c:99 #1 0x00007ffff7fa9bb6 in nettle_pbkdf2 (mac_ctx=mac_ctx@entry=0x7fffffffe4e0, update=0x7ffff7fa7cb0 <nettle_hmac_sha256_update>, digest=0x7ffff7fa7cc0 <nettle_hmac_sha256_digest>, digest_size=digest_size@entry=32, iterations=iterations@entry=1, salt_length=salt_length@entry=4, salt=0x55559260 <error: Cannot access memory at address 0x55559260>, length=16, dst=0x55555555a290 "") at ../nettle-3.4.1/pbkdf2.c:78 #2 0x00007ffff7fa9dd3 in nettle_pbkdf2_hmac_sha256 ( key_length=<optimized out>, key=<optimized out>, iterations=1, salt_length=4, salt=0x55559260 <error: Cannot access memory at address 0x55559260>, length=16, dst=0x55555555a290 "") at ../nettle-3.4.1/pbkdf2-hmac-sha256.c:51 #3 0x000055555555544c in main (argc=<optimized out>, argv=<optimized out>) at ../../nettle-3.4.1/tools/nettle-pbkdf2.c:167
Not sure if everything here can be trusted, but the
salt=0x55559260 <error: Cannot access memory at address 0x55559260>,
in the backtrace indicates some problem with the salt passed down fron the nettle-pbkdf2 tool to the nettle library functions.
It's allocated as
salt = strdup (argv[0]);
at line 146 in tools/nettle-pbkdf2.c (after an argv += optind). I note that there's no check of the return value, but if strdup fails it should return NULL, which would be a different invalid address.
You may want to examine the values of those variables in the debugger or with debug printouts. E.g, try this patch.
--- a/tools/nettle-pbkdf2.c +++ b/tools/nettle-pbkdf2.c @@ -144,6 +144,11 @@ main (int argc, char **argv) }
salt = strdup (argv[0]); + if (!salt) + die ("strdup failed: Virtual memory exhausted.\n"); + fprintf(stderr, "argv[0]: '%s'\n", argv[0]); + fprintf(stderr, "copy (salt): '%s'\n", salt); + salt_length = strlen(argv[0]);
if (hex_salt)
What kind of machine, operating system, and compiler are you using? Since the testsuite passes on the test systems (including x86_64 and
I work on x86_64 and use gcc for compiler.
And operating system, please?
Regards, /Niels
On 2019年04月11日 03:49, Niels Möller wrote:
"Yu, Mingli" mingli.yu@windriver.com writes:
Program received signal SIGSEGV, Segmentation fault. nettle_sha256_update (ctx=0x7fffffffe5c0, length=<optimized out>, data=0x55559260 <error: Cannot access memory at address 0x55559260>) at ../nettle-3.4.1/sha256.c:99 99 ../nettle-3.4.1/sha256.c: No such file or directory. (gdb) bt #0 nettle_sha256_update (ctx=0x7fffffffe5c0, length=<optimized out>, data=0x55559260 <error: Cannot access memory at address 0x55559260>) at ../nettle-3.4.1/sha256.c:99 #1 0x00007ffff7fa9bb6 in nettle_pbkdf2 (mac_ctx=mac_ctx@entry=0x7fffffffe4e0, update=0x7ffff7fa7cb0 <nettle_hmac_sha256_update>, digest=0x7ffff7fa7cc0 <nettle_hmac_sha256_digest>, digest_size=digest_size@entry=32, iterations=iterations@entry=1, salt_length=salt_length@entry=4, salt=0x55559260 <error: Cannot access memory at address 0x55559260>, length=16, dst=0x55555555a290 "") at ../nettle-3.4.1/pbkdf2.c:78 #2 0x00007ffff7fa9dd3 in nettle_pbkdf2_hmac_sha256 ( key_length=<optimized out>, key=<optimized out>, iterations=1, salt_length=4, salt=0x55559260 <error: Cannot access memory at address 0x55559260>, length=16, dst=0x55555555a290 "") at ../nettle-3.4.1/pbkdf2-hmac-sha256.c:51 #3 0x000055555555544c in main (argc=<optimized out>, argv=<optimized out>) at ../../nettle-3.4.1/tools/nettle-pbkdf2.c:167
Not sure if everything here can be trusted, but the
salt=0x55559260 <error: Cannot access memory at address 0x55559260>,
in the backtrace indicates some problem with the salt passed down fron the nettle-pbkdf2 tool to the nettle library functions.
It's allocated as
salt = strdup (argv[0]);
at line 146 in tools/nettle-pbkdf2.c (after an argv += optind). I note that there's no check of the return value, but if strdup fails it should return NULL, which would be a different invalid address.
You may want to examine the values of those variables in the debugger or with debug printouts. E.g, try this patch.
--- a/tools/nettle-pbkdf2.c +++ b/tools/nettle-pbkdf2.c @@ -144,6 +144,11 @@ main (int argc, char **argv) }
salt = strdup (argv[0]);
Thanks Niels very much for your detailed info! Yes, I also found that it breaks at "salt = strdup (argv[0]);" and generate a patch to fix it, will send out the patch.
if (!salt)
die ("strdup failed: Virtual memory exhausted.\n");
fprintf(stderr, "argv[0]: '%s'\n", argv[0]);
fprintf(stderr, "copy (salt): '%s'\n", salt);
salt_length = strlen(argv[0]);
if (hex_salt)
What kind of machine, operating system, and compiler are you using? Since the testsuite passes on the test systems (including x86_64 and
I work on x86_64 and use gcc for compiler.
And operating system, please?
The issue found at the customized OS which based on yocto as https://www.yoctoproject.org/docs/2.6.1/dev-manual/dev-manual.html
Regards, /Niels
From: Mingli Yu Mingli.Yu@windriver.com
use malloc and strncpy altogether to replace strdup for salt initialization to fix below Segmentation fault: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
Signed-off-by: Mingli Yu Mingli.Yu@windriver.com --- tools/nettle-pbkdf2.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tools/nettle-pbkdf2.c b/tools/nettle-pbkdf2.c index fe6528d..6ecb206 100644 --- a/tools/nettle-pbkdf2.c +++ b/tools/nettle-pbkdf2.c @@ -143,7 +143,10 @@ main (int argc, char **argv) return EXIT_FAILURE; }
- salt = strdup (argv[0]); + salt = malloc (strlen(argv[0]) + 1); + if (! salt) + die ("Failed to allocate memory for salt\n"); + strncpy(salt, argv[0], sizeof(salt) - 1); salt_length = strlen(argv[0]);
if (hex_salt)
On Fri, Apr 12, 2019 at 6:04 AM mingli.yu@windriver.com wrote:
From: Mingli Yu Mingli.Yu@windriver.com
use malloc and strncpy altogether to replace strdup for salt initialization to fix below Segmentation fault: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
Signed-off-by: Mingli Yu Mingli.Yu@windriver.com
tools/nettle-pbkdf2.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tools/nettle-pbkdf2.c b/tools/nettle-pbkdf2.c index fe6528d..6ecb206 100644 --- a/tools/nettle-pbkdf2.c +++ b/tools/nettle-pbkdf2.c @@ -143,7 +143,10 @@ main (int argc, char **argv) return EXIT_FAILURE; }
- salt = strdup (argv[0]);
- salt = malloc (strlen(argv[0]) + 1);
- if (! salt)
die ("Failed to allocate memory for salt\n");- strncpy(salt, argv[0], sizeof(salt) - 1);
Hi,
Isn't this a bug in libc/strdup and not in nettle? This implementation is the same as what expected from strdup.
As a workaround I would have added CPPFLAGS="-Dstrdup(x) ...." instead of introducing workarounds for libc bugs, and send a patch to the libc, as this may affect more than this single strdup.
Even if such workaround is to be added, it should be added using autoconf detection and a stub of _strdup(x) and a #define strdup _strdup if a known issue is detected, again, this should affect al strdup usages.
I would add the die statement, but not replace the strdup.
salt = strdup(argv[0]); +if (!salt) + die(...)
However, looking at the code, I believe the allocation of memory is not required... it can be:
- salt = strdup (argv[0]); - salt_length = strlen(argv[0]); + salt = argv[0]; + salt_length = strlen(salt); ... - free (salt);
As argv is kept during execution.
Regards, Alon
Alon Bar-Lev alon.barlev@gmail.com writes:
Isn't this a bug in libc/strdup and not in nettle? This implementation is the same as what expected from strdup.
I agree. Please file a bug report for the C library you're using. strdup is a standard posix function (if not part of the C language standard), and widely used, see https://codesearch.debian.net/search?q=strdup&perpkg=1
As a workaround I would have added CPPFLAGS="-Dstrdup(x) ...." instead of introducing workarounds for libc bugs,
-D'strdup(x)=strcpy(malloc(strlen(x)+1, x))'
might work (since strcpy returns the pointer to the destination string).
However, looking at the code, I believe the allocation of memory is not required... it can be:
The if (hex_salt) {...} block overwrites the salt storage, for in-place hex decoding. I don't quite like overwriting the strings passed in via argv, even if it might be possible. So when I wrote this tool, always allocating a writable copy, and calling free unconditionally, seemed nice and easy,
Regards, /Niels
On Fri, Apr 12, 2019 at 10:07 AM Niels Möller nisse@lysator.liu.se wrote:
However, looking at the code, I believe the allocation of memory is not required... it can be:
The if (hex_salt) {...} block overwrites the salt storage, for in-place hex decoding. I don't quite like overwriting the strings passed in via argv, even if it might be possible. So when I wrote this tool, always allocating a writable copy, and calling free unconditionally, seemed nice and easy,
Fair enough :)
Thanks very much for Niels and Alon's information!
After double check, I found the strdup triggers Segmentation fault when -std=c99 included in compiler flags while compile nettle.
On 2019年04月12日 15:10, Alon Bar-Lev wrote:
On Fri, Apr 12, 2019 at 10:07 AM Niels Möller nisse@lysator.liu.se wrote:
However, looking at the code, I believe the allocation of memory is not required... it can be:
The if (hex_salt) {...} block overwrites the salt storage, for in-place hex decoding. I don't quite like overwriting the strings passed in via argv, even if it might be possible. So when I wrote this tool, always allocating a writable copy, and calling free unconditionally, seemed nice and easy,
Fair enough :)
On 2019年04月10日 14:37, Yu, Mingli wrote:
On 2019年04月10日 14:25, Niels Möller wrote:
"Yu, Mingli" mingli.yu@windriver.com writes:
It's 3.4.1 and I did use it as below: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt
That's the latest version.
Can you get a backtrace? (start "gdb nettle-pbkdf2", at the gdb prompt
I don't know how to use nettle-pbkdf2 actually and it didn't return when I run as below: # nettle-pbkdf2 -i 1 -l 16 salt
Sorry, it wants to read the input password on stdin. Try echo foo > /tmp/foo, and then start it in gdb as
run nettle-pbkdf2 -i 1 -l 16 salt < /tmp/foo
# echo -n passwd|nettle-pbkdf2 -i 1 -l 16 salt [77641.250170] nettle-pbkdf2[806]: segfault at ffffffffcb811260 ip 00007f4c115fd998 sp 00007ffc5a7f38d0 error 5 in libnettle.so.6.5[7f4c115eb] [77641.250574] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
# echo -n passwd > /tmp/passwd # gdb nettle-pbkdf2 GNU gdb (GDB) 8.2.1 Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-wrs-linux". Type "show configuration" for configuration details. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/. Find the GDB manual and other documentation resources online at: http://www.gnu.org/software/gdb/documentation/.
For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from nettle-pbkdf2...(no debugging symbols found)...done. (gdb) run nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd Starting program: /usr/bin/nettle-pbkdf2 nettle-pbkdf2 -i 1 -l 16 salt < /tmp/passwd Usage: nettle-pbkdf2 [OPTIONS] SALT Options: --help Show this help. -V, --version Show version information. -i, --iterations=COUNT Desired iteration count (default 10000). -l, --length=LENGTH Desired output length (octets, default 16) --raw Raw binary output. --hex-salt Use hex encoding for the salt. [Inferior 1 (process 793) exited with code 01] (gdb) quit
Please ignore this, @_@, I made a typo here.
# cat /tmp/passwd passwd
What kind of machine, operating system, and compiler are you using? Since the testsuite passes on the test systems (including x86_64 and
I work on x86_64 and use gcc for compiler.
cross-compile setup for arm and mips), I imagine it's something somewhat unusual.
Regards, /Niels
nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
On 2019年04月10日 13:02, Niels Möller wrote:
"Yu, Mingli" mingli.yu@windriver.com writes:
# echo -n passwd| nettle-pbkdf2 -i 1 -l 16 [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault
I can't reproduce this crash. Gives me a usage message, and if I add a
Or you can run below directly: # testsuite/nettle-pbkdf2-test
salt argument, I get a hex digest out, as expected. Which version and platform are you using?
Can you get a backtrace? (start "gdb nettle-pbkdf2", at the gdb prompt type "run -i 1 -l 16", if it crashes, type "bt" for backtrace).
Regards, /Niels
nettle-bugs@lists.lysator.liu.se
-
Alon Bar-Lev -
mingli.yu@windriver.com -
nisse@lysator.liu.se -
Yu, Mingli