[Bug 1951279] Re: OpenSSL 1.1.1f raise a segmentation faults on Arm64 builds
David Hess
1951279 at bugs.launchpad.net
Sat Dec 25 21:46:01 UTC 2021
To reproduce, be on an Arm v8.3 processor and do the following:
$ gdb $(which openssl)
GNU gdb (Ubuntu 9.2-0ubuntu1~20.04) 9.2
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "aarch64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/openssl...
Reading symbols from /usr/lib/debug/.build-id/8c/c0ad363ae4508d48a68d9f9dafdbadf7bd264a.debug...
(gdb) break main
Breakpoint 1 at 0x32840: file ../apps/openssl.c, line 120.
(gdb) run s_client -showcerts -connect graph.facebook.com:443
Starting program: /usr/bin/openssl s_client -showcerts -connect graph.facebook.com:443
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".
Breakpoint 1, main (argc=5, argv=0xfffffffff478) at ../apps/openssl.c:120
120 ../apps/openssl.c: No such file or directory.
(gdb) break ../crypto/poly1305/poly1305.c:502
Breakpoint 2 at 0xfffff7e082c8: file ../crypto/poly1305/poly1305.c, line 502.
(gdb) c
Continuing.
CONNECTED(00000003)
Breakpoint 2, Poly1305_Update (ctx=ctx at entry=0xaaaaaaba97f0, inp=<optimized out>, inp at entry=0xaaaaaab9e098 "\362Hd\025\245\223\351f\027\265 b䓁\207<s\261\027\036\230\031Y/\031M\307D\"F\370", <incomplete sequence \356>, len=992, len at entry=1001)
at ../crypto/poly1305/poly1305.c:502
502 ../crypto/poly1305/poly1305.c: No such file or directory.
(gdb) s
poly1305_blocks_neon () at crypto/poly1305/poly1305-armv8.S:223
223 crypto/poly1305/poly1305-armv8.S: No such file or directory.
(gdb) bt
#0 poly1305_blocks_neon () at crypto/poly1305/poly1305-armv8.S:223
#1 0x0000fffff7e082dc in Poly1305_Update (ctx=ctx at entry=0xaaaaaaba97f0, inp=<optimized out>, inp at entry=0xaaaaaab9e098 "\362Hd\025\245\223\351f\027\265 b䓁\207<s\261\027\036\230\031Y/\031M\307D\"F\370", <incomplete sequence \356>,
len=<optimized out>, len at entry=1001) at ../crypto/poly1305/poly1305.c:502
#2 0x0000fffff7dd7834 in chacha20_poly1305_cipher (ctx=0xaaaaaaba95b0, out=0xaaaaaab9e098 "\362Hd\025\245\223\351f\027\265 b䓁\207<s\261\027\036\230\031Y/\031M\307D\"F\370", <incomplete sequence \356>,
in=0xaaaaaab9e098 "\362Hd\025\245\223\351f\027\265 b䓁\207<s\261\027\036\230\031Y/\031M\307D\"F\370", <incomplete sequence \356>, len=1001) at ../crypto/evp/e_chacha20_poly1305.c:419
#3 0x0000fffff7ddc214 in EVP_DecryptUpdate (inl=1001, in=0xaaaaaab9e098 "\362Hd\025\245\223\351f\027\265 b䓁\207<s\261\027\036\230\031Y/\031M\307D\"F\370", <incomplete sequence \356>, outl=0xffffffffe360,
out=0xaaaaaab9e098 "\362Hd\025\245\223\351f\027\265 b䓁\207<s\261\027\036\230\031Y/\031M\307D\"F\370", <incomplete sequence \356>, ctx=0xaaaaaaba95b0) at ../crypto/evp/evp_enc.c:498
#4 EVP_DecryptUpdate (ctx=0xaaaaaaba95b0, out=0xaaaaaab9e098 "\362Hd\025\245\223\351f\027\265 b䓁\207<s\261\027\036\230\031Y/\031M\307D\"F\370", <incomplete sequence \356>, outl=0xffffffffe360,
in=0xaaaaaab9e098 "\362Hd\025\245\223\351f\027\265 b䓁\207<s\261\027\036\230\031Y/\031M\307D\"F\370", <incomplete sequence \356>, inl=1001) at ../crypto/evp/evp_enc.c:464
#5 0x0000fffff7f59d8c in tls13_enc (s=0xaaaaaab94ca0, recs=0xaaaaaab95a28, n_recs=<optimized out>, sending=0) at ../ssl/record/ssl3_record_tls13.c:173
#6 0x0000fffff7f58748 in ssl3_get_record (s=s at entry=0xaaaaaab94ca0) at ../ssl/record/ssl3_record.c:529
#7 0x0000fffff7f55fc0 in ssl3_read_bytes (s=0xaaaaaab94ca0, type=22, recvd_type=0xffffffffe5ec, buf=0xaaaaaab98b30 "\002", len=4, peek=0, readbytes=0xffffffffe5f0) at ../ssl/record/rec_layer_s3.c:1323
#8 0x0000fffff7f84800 in tls_get_message_header (s=s at entry=0xaaaaaab94ca0, mt=mt at entry=0xffffffffe68c) at ../ssl/statem/statem_lib.c:1160
#9 0x0000fffff7f7af74 in read_state_machine (s=0xaaaaaab94ca0) at ../ssl/statem/statem.c:579
#10 state_machine (s=0xaaaaaab94ca0, server=0) at ../ssl/statem/statem.c:434
#11 0x0000fffff7f55ce4 in ssl3_write_bytes (s=0xaaaaaab94ca0, type=23, buf_=0xaaaaaab89d90, len=0, written=0xffffffffe8e0) at ../ssl/record/rec_layer_s3.c:390
#12 0x0000fffff7f66b74 in ssl_write_internal (s=s at entry=0xaaaaaab94ca0, buf=buf at entry=0xaaaaaab89d90, num=num at entry=0, written=written at entry=0xffffffffe8e0) at ../ssl/ssl_lib.c:1958
#13 0x0000fffff7f66ca0 in SSL_write (s=s at entry=0xaaaaaab94ca0, buf=buf at entry=0xaaaaaab89d90, num=num at entry=0) at ../ssl/ssl_lib.c:1972
#14 0x0000aaaaaab00250 in s_client_main (argc=<optimized out>, argv=<optimized out>) at ../apps/s_client.c:2859
#15 0x0000aaaaaaaeffd4 in do_cmd (prog=0xaaaaaab84740, argc=4, argv=0xfffffffff480) at ../apps/openssl.c:570
#16 0x0000aaaaaaadcc04 in main (argc=4, argv=0xfffffffff480) at ../apps/openssl.c:189
(gdb) finish
Run till exit from #0 poly1305_blocks_neon () at crypto/poly1305/poly1305-armv8.S:223
Program received signal SIGSEGV, Segmentation fault.
0x0020fffff7e082dc in ?? ()
(gdb) bt
#0 0x0020fffff7e082dc in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb)
https://bugs.launchpad.net/bugs/1951279
Title:
OpenSSL 1.1.1f raise a segmentation faults on Arm64 builds
Status in openssl package in Ubuntu:
Incomplete
Bug description:
Description
-----------
It seems that the current Ubuntu 20.04 (Focal) distribution for
Arm64/Aarch64 raises a segmentation fault when validating certain
certificates.
This issue affects only Arm64/Aarch64; all the tools statically or
dynamically linked with this version of the library are affected
(Libcurl4, Curl, Wget, OpenJDK, Curl-PHP, etc.).
Environment and platform
------------------------
Linux 5.4.0-89-generic #100-Ubuntu SMP Fri Sep 24 14:29:20 UTC 2021 aarch64 aarch64 aarch64 GNU/Linux
Steps to reproduce
------------------
1. Run:
curl -v https://graph.facebook.com/v12.0/act_111/
or
wget https://graph.facebook.com/v12.0/act_111/
Result received
---------------
Segmentation fault (core dumped)
Notes
-----
This bug was found by the Curl users:
See: https://github.com/curl/curl/issues/8024
I believe that this bug is related to
https://ubuntu.com/security/CVE-2020-1967, which may be used as a
vector for code injection.
Actually there isn't any replacement for OpenSSL 1.1.1f for Focal
(Arm64), so it makes it difficult to use Ubuntu 20.04 in a production
environment.
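A local, network-free check for an Arm64 fleet, added here as an example and not part of the report or of the OpenSSL project: it flags the build named above (OpenSSL 1.1.1f on aarch64) and drives the ChaCha20-Poly1305 EVP path through `openssl speed`, so the Poly1305 code in the backtrace is reached without opening a TLS connection. It assumes the `openssl` CLI is on PATH and that a 1 KiB `speed` buffer reaches the same NEON block routine as the 1001-byte record in the gdb session (an assumption, not something the report states).

```shell
#!/bin/sh
# Added example, not from the bug report: screen a host for the build the
# report names and exercise the chacha20-poly1305 EVP path locally.

# Returns 0 when the version string and machine type match the affected
# combination from the report (OpenSSL 1.1.1f on aarch64), 1 otherwise.
is_suspect_build() {
    version_line=$1   # e.g. output of `openssl version`
    machine=$2        # e.g. output of `uname -m`
    case "$version_line" in
        *"OpenSSL 1.1.1f"*) ;;
        *) return 1 ;;
    esac
    [ "$machine" = "aarch64" ]
}

# Runs EVP encryption with chacha20-poly1305 on a 1 KiB buffer for one
# second via `openssl speed` (assumed to reach the same Poly1305 block
# routine as the 1001-byte TLS record in the backtrace). Returns 0 if the
# run completes, 2 if no openssl binary is on PATH, 1 on any failure; a
# SIGSEGV shows up as exit status 139 (128 + signal 11).
exercise_chacha20_poly1305() {
    command -v openssl >/dev/null 2>&1 || return 2
    status=0
    openssl speed -seconds 1 -bytes 1024 -evp chacha20-poly1305 \
        >/dev/null 2>&1 || status=$?
    if [ "$status" -eq 139 ]; then
        echo "chacha20-poly1305 path crashed with SIGSEGV" >&2
    fi
    [ "$status" -eq 0 ]
}

# Prints a verdict for this host; call it after sourcing this file.
report_host() {
    version_line=$(openssl version 2>/dev/null || echo "openssl missing")
    machine=$(uname -m)
    if is_suspect_build "$version_line" "$machine"; then
        echo "$version_line on $machine matches the reported build"
    else
        echo "$version_line on $machine does not match the reported build"
    fi
    if exercise_chacha20_poly1305; then
        echo "chacha20-poly1305 EVP path completed"
    else
        echo "chacha20-poly1305 EVP path failed (status $?)"
    fi
}
```

Run `report_host` on each Arm64 node; a host that matches the build and fails the exercise is a candidate for the crash described in the report.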