[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Wget-dev] wget2 | test-ocsp-server fails on 32bit build (with ASAN) (#4
From: |
Tim Rühsen |
Subject: |
[Wget-dev] wget2 | test-ocsp-server fails on 32bit build (with ASAN) (#478) |
Date: |
Fri, 20 Sep 2019 14:09:31 +0000 |
Tim Rühsen created an issue: https://gitlab.com/gnuwget/wget2/issues/478
```
$ cat tests/test-ocsp-server.log
Removed test directory '../.test_7078'
cmd=/src/wget2/tests/../src/wget2_noinstall -d --no-config --no-local-db
--max-threads=1 --prefer-family=ipv4 --no-proxy --timeout 10
--ca-certificate=/src/wget2/tests/certs/ocsp/x509-root-cert.pem --no-ocsp-file
--no-ocsp-date --no-ocsp-nonce --ocsp --ocsp-server http://localhost:36671
"https://localhost:38655/index.html" 2>&1
Testing '/src/wget2/tests/../src/wget2_noinstall -d --no-config --no-local-db
--max-threads=1 --prefer-family=ipv4 --no-proxy --timeout 10
--ca-certificate=/src/wget2/tests/certs/ocsp/x509-root-cert.pem --no-ocsp-file
--no-ocsp-date --no-ocsp-nonce --ocsp --ocsp-server http://localhost:36671
"https://localhost:38655/index.html" 2>&1'
=================================================================
==7078==ERROR: AddressSanitizer: stack-buffer-overflow on address 0xf44fe1e4 at
pc 0x0813ba3f bp 0xf44fe148 sp 0xf44fe140
WRITE of size 4 at 0xf44fe1e4 thread T2 (MHD-single)
#0 0x813ba3e in _ocsp_cert_callback /src/wget2/tests/libtest.c:311:13
#1 0x8279dd5 in call_legacy_cert_cb2 /src/gnutls/lib/cert-cred.c:731:8
#2 0x841be19 in call_get_cert_callback /src/gnutls/lib/auth/cert.c:443:7
#3 0x8423584 in _gnutls_select_server_cert
/src/gnutls/lib/auth/cert.c:1541:10
#4 0x842f9b0 in _gnutls_figure_common_ciphersuite
/src/gnutls/lib/algorithms/ciphersuites.c:1515:13
#5 0x8217026 in _gnutls_server_select_suite
/src/gnutls/lib/handshake.c:1088:8
#6 0x821a291 in read_client_hello /src/gnutls/lib/handshake.c:803:8
#7 0x8215fea in _gnutls_recv_handshake /src/gnutls/lib/handshake.c:1569:10
#8 0x82245cc in handshake_server /src/gnutls/lib/handshake.c:3337:7
#9 0x821e932 in gnutls_handshake /src/gnutls/lib/handshake.c:2727:9
#10 0x81e150b in MHD_run_tls_handshake_
/src/libmicrohttpd-0.9.66/src/microhttpd/connection_https.c:155:13
#11 0x81997b9 in MHD_connection_handle_read
/src/libmicrohttpd-0.9.66/src/microhttpd/connection.c:3185:16
#12 0x81c5066 in call_handlers
/src/libmicrohttpd-0.9.66/src/microhttpd/daemon.c:1205:11
#13 0x81b7110 in internal_run_from_select
/src/libmicrohttpd-0.9.66/src/microhttpd/daemon.c:3515:11
#14 0x81b815e in MHD_select
/src/libmicrohttpd-0.9.66/src/microhttpd/daemon.c:3779:18
#15 0x81c0073 in MHD_polling_thread
/src/libmicrohttpd-0.9.66/src/microhttpd/daemon.c:4698:2
#16 0x81d60b4 in named_thread_starter
/src/libmicrohttpd-0.9.66/src/microhttpd/mhd_threads.c:275:10
#17 0x810a9d2 in __asan::AsanThread::ThreadStart(unsigned long long,
__sanitizer::atomic_uintptr_t*)
/src/llvm/projects/compiler-rt/lib/asan/asan_thread.cpp:262:25
#18 0x80e95b7 in asan_thread_start(void*)
/src/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cpp:200:13
#19 0xf7ef0269 in start_thread
/build/glibc-LK5gWL/glibc-2.23/nptl/pthread_create.c:333
#20 0xf7d9a41d in clone (/lib32/libc.so.6+0xe541d)
Address 0xf44fe1e4 is located in stack of thread T2 (MHD-single) at offset 36
in frame
#0 0x841bb1f in call_get_cert_callback /src/gnutls/lib/auth/cert.c:409
This frame has 7 object(s):
[16, 20) 'local_key' (line 410)
[32, 36) 'pcert' (line 414) <== Memory access at offset 36 overflows this
variable
[48, 52) 'ocsp' (line 415)
[64, 68) 'ocsp_length' (line 416)
[80, 84) 'pcert_length' (line 417)
[96, 184) 'info' (line 431)
[224, 228) 'flags' (line 432)
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions *are* supported)
Thread T2 (MHD-single) created by T0 here:
#0 0x80e94ac in pthread_create
/src/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cpp:209:3
#1 0x81d5da6 in MHD_create_thread_
/src/libmicrohttpd-0.9.66/src/microhttpd/mhd_threads.c:203:11
#2 0x81d5f66 in MHD_create_named_thread_
/src/libmicrohttpd-0.9.66/src/microhttpd/mhd_threads.c:350:9
#3 0x81bb2df in MHD_start_daemon_va
/src/libmicrohttpd-0.9.66/src/microhttpd/daemon.c:6338:17
#4 0x81b85e7 in MHD_start_daemon
/src/libmicrohttpd-0.9.66/src/microhttpd/daemon.c:4771:12
#5 0x813424f in _http_server_start /src/wget2/tests/libtest.c:779:18
#6 0x8133d23 in wget_test_start_server /src/wget2/tests/libtest.c:1298:13
#7 0x81315ed in main /src/wget2/tests/test-ocsp-server.c:36:2
#8 0xf7ccd636 in __libc_start_main (/lib32/libc.so.6+0x18636)
SUMMARY: AddressSanitizer: stack-buffer-overflow
/src/wget2/tests/libtest.c:311:13 in _ocsp_cert_callback
Shadow bytes around the buggy address:
0x3e89fbe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x3e89fbf0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x3e89fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x3e89fc10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x3e89fc20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x3e89fc30: 00 00 00 00 00 00 00 00 f1 f1 04 f2[04]f2 04 f2
0x3e89fc40: 04 f2 04 f2 00 00 00 00 00 00 00 00 00 00 00 f2
0x3e89fc50: f2 f2 f2 f2 04 f3 00 00 00 00 00 00 00 00 00 00
0x3e89fc60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x3e89fc70: f1 f1 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x3e89fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==7078==ABORTING
FAIL test-ocsp-server (exit status: 1)
```
--
Reply to this email directly or view it on GitLab:
https://gitlab.com/gnuwget/wget2/issues/478
You're receiving this email because of your account on gitlab.com.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Wget-dev] wget2 | test-ocsp-server fails on 32bit build (with ASAN) (#478),
Tim Rühsen <=