openssl: EVP_EC_gen() segfault without init

Bug #1974037 reported by Simon Chopin
Affects              Status        Importance  Assigned to  Milestone
openssl (Debian)     Fix Released  Unknown
openssl (Ubuntu)     Fix Released  High        Unassigned
  Jammy              Fix Released  High        Unassigned
  Kinetic            Fix Released  High        Unassigned

Bug Description

[Impact]

The fix for https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1968997 has broken some code paths as the new string comparison functions now need initialization, triggering segfaults.

The provided debdiff fixes the immediate issue and also settles on a new implementation not requiring the initialization in the first place.

[Test Plan]

Since this is a regression fix, we first need to check that the original bug hasn't cropped up again:

sudo locale-gen tr_TR.UTF-8
LANG=C curl https://ubuntu.com/ > /dev/null # This works
LANG=tr_TR.UTF-8 curl https://ubuntu.com/ > /dev/null # This should work as well

For the regression itself:

sudo apt install libssl-dev
cat <<EOF > openssl_test.c
#include <stdio.h>
#include <openssl/evp.h>
/* Deliberately no OPENSSL_init_crypto() call: the regression is that
 * key generation segfaulted unless the library had been initialised first. */
int main(void)
{
    EVP_PKEY *pkey = EVP_PKEY_Q_keygen(NULL, NULL, "EC", "P-256");
    if (pkey == NULL) {
        fprintf(stderr, "EVP_PKEY_Q_keygen failed\n");
        return 1;
    }
    EVP_PKEY_free(pkey);
    return 0;
}
EOF
gcc openssl_test.c -lcrypto -lssl -o openssl_test
./openssl_test && echo OK   # before the fix: segfault; after: prints OK

[Where problems could occur]

This new patch set is relatively massive, on top of another massive one.
Some new regressions could crop up of a similar kind. Furthermore, the
homegrown string comparison function could be buggy, leading to algorithm name mismatches.

[Other info]

The patches all come from upstream and have been merged on their 3.0 maintenance branch.

[Original report]

Source: sscg
Version: 3.0.2-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/logs.php?pkg=sscg&ver=3.0.2-1%2Bb1

...
 1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV
04:32:21 MALLOC_PERTURB_=87 /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/generate_rsa_key_test
...

Summary of Failures:

 1/10 generate_rsa_key_test FAIL 0.01s killed by signal 11 SIGSEGV

Ok: 9
Expected Fail: 0
Fail: 1
Unexpected Pass: 0
Skipped: 0
Timeout: 0
dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=4 ninja test returned exit code 1
make: *** [debian/rules:6: binary-arch] Error 25

This has also been reported on the openssl-users mailing list:

https://<email address hidden>/msg90830.html

Revision history for this message
Simon Chopin (schopin) wrote :

This issue has been introduced in 3.0.3 upstream but we've backported the patch set to Jammy as well. The cherry-picked fix is in Debian in 3.0.3-4.

summary: - sscg FTBFS with OpenSSL 3.0.3
+ openssl: EVP_EC_gen() segfault without init
description: updated
Changed in openssl (Ubuntu):
status: New → Confirmed
Changed in openssl (Ubuntu Jammy):
status: New → Confirmed
importance: Undecided → High
Changed in openssl (Ubuntu Kinetic):
importance: Undecided → High
Changed in openssl (Debian):
importance: Undecided → Unknown
status: New → Fix Released
Simon Chopin (schopin)
Changed in openssl (Ubuntu Kinetic):
status: Confirmed → In Progress
Revision history for this message
Simon Chopin (schopin) wrote :

Attached is a debdiff for the Jammy changes. I'm still working on Kinetic as this will be folded into the merge, but I still need to do some more work as some new patches have surfaced upstream since then, as well as a new Debian revision. I feel the Jammy SRU should still move forward.

Note that the patchset is consequent as upstream has changed their approach to the issue a couple of times, now settling into reimplementing the string comparison functions entirely rather than relying on a C locale. This last approach has the benefit of not requiring initialization, which seems to have been the cause of all the regressions observed so far with the first solution.

The patches for that last approach haven't made their way to Debian yet, AFAICT.
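The approach described in the comment above, as an added illustration that is not OpenSSL's code: a case-insensitive comparison that folds only the 26 ASCII letters, so it needs no locale and nothing to initialise, next to a helper that reports whether libc's locale-aware strcasecmp disagrees with it for a given locale. This also gives the "[Where problems could occur]" worry about algorithm-name mismatches something concrete to test. The function names ascii_strcasecmp and libc_disagrees are mine; the locale name tr_TR.UTF-8 is the one from the test plan and must be generated with locale-gen for that row of the demo to run, otherwise the helper reports it as missing.

```c
#include <locale.h>
#include <stdio.h>
#include <strings.h>

/* Hypothetical helper, not OpenSSL's: fold only A-Z, leave every other byte
 * (including any non-ASCII byte) exactly as it is. No locale lookup, no table
 * that has to be initialised before first use. */
static int ascii_tolower(int c)
{
    return (c >= 'A' && c <= 'Z') ? c + ('a' - 'A') : c;
}

/* strcasecmp semantics (negative / zero / positive), ASCII-only folding. */
int ascii_strcasecmp(const char *a, const char *b)
{
    const unsigned char *p = (const unsigned char *)a;
    const unsigned char *q = (const unsigned char *)b;
    int ca, cb;

    do {
        ca = ascii_tolower(*p++);
        cb = ascii_tolower(*q++);
        if (ca != cb)
            return ca - cb;
    } while (ca != 0);
    return 0;
}

/* Returns 1 if libc's locale-aware strcasecmp and ascii_strcasecmp disagree
 * on whether a and b match under the named locale, 0 if they agree, and -1
 * if that locale is not installed. Restores the previous process locale. */
int libc_disagrees(const char *locale, const char *a, const char *b)
{
    char saved[128];
    const char *cur = setlocale(LC_ALL, NULL);
    int libc_eq, ascii_eq;

    if (cur == NULL)
        return -1;
    snprintf(saved, sizeof saved, "%s", cur);
    if (setlocale(LC_ALL, locale) == NULL)
        return -1;
    libc_eq = strcasecmp(a, b) == 0;
    ascii_eq = ascii_strcasecmp(a, b) == 0;
    setlocale(LC_ALL, saved);
    return libc_eq != ascii_eq;
}

int main(void)
{
    /* Constructed sample names in the shape OpenSSL looks up by string. */
    static const char *const pairs[][2] = {
        {"EC", "ec"}, {"P-256", "p-256"}, {"SHA256", "sha256"}, {"SIGALG", "sigalg"},
    };
    size_t i;

    for (i = 0; i < sizeof pairs / sizeof pairs[0]; i++) {
        int r = libc_disagrees("tr_TR.UTF-8", pairs[i][0], pairs[i][1]);
        printf("%-7s vs %-7s ascii=%s libc(tr_TR.UTF-8)=%s\n",
               pairs[i][0], pairs[i][1],
               ascii_strcasecmp(pairs[i][0], pairs[i][1]) == 0 ? "equal" : "differ",
               r < 0 ? "locale missing" : r ? "DISAGREES" : "equal");
    }
    return 0;
}
```

Build with plain gcc, no -lcrypto needed. The point of the ASCII-only fold is the one the comment makes: algorithm names are ASCII identifiers, so comparing them through the user's locale was never the right tool, and a fold that never consults the locale has no initialisation order to get wrong.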

Simon Chopin (schopin)
description: updated
tags: added: patch
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssl - 3.0.3-5ubuntu2

---------------
openssl (3.0.3-5ubuntu2) kinetic; urgency=medium

  * d/p/Set-systemwide-default-settings-for-libssl-users: don't comment out
    the CipherString string to avoid an empty section.

 -- Simon Chopin <email address hidden> Tue, 31 May 2022 13:02:15 +0200

Changed in openssl (Ubuntu Kinetic):
status: In Progress → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Please test proposed package

Hello Simon, or anyone else affected,

Accepted openssl into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openssl/3.0.2-0ubuntu1.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in openssl (Ubuntu Jammy):
status: Confirmed → Fix Committed
tags: added: verification-needed verification-needed-jammy
Revision history for this message
Łukasz Zemczak (sil2100) wrote :

Hello Simon, or anyone else affected,

Accepted openssl into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openssl/3.0.2-0ubuntu1.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Revision history for this message
Simon Chopin (schopin) wrote :

On a fresh Jammy LXC container:

root@rational-polliwog:~# dpkg -l libssl-dev | tail -n 1
ii libssl-dev:amd64 3.0.2-0ubuntu1.4 amd64 Secure Sockets Layer toolkit - development files
root@rational-polliwog:~# cat <<EOF > openssl_test.c
#include <openssl/evp.h>
int main()
{
    EVP_PKEY_Q_keygen(NULL, NULL, "EC", "P-256");
}
EOF
root@rational-polliwog:~# gcc openssl_test.c -lcrypto -lssl -o openssl_test
root@rational-polliwog:~# ./openssl_test
root@rational-polliwog:~# echo $?
0

Marking as verified.

tags: added: verification-done verification-done-jammy
removed: verification-needed verification-needed-jammy
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssl - 3.0.2-0ubuntu1.4

---------------
openssl (3.0.2-0ubuntu1.4) jammy; urgency=medium

  * d/p/lp1978093/*: renew some expiring test certificates (LP: #1978093)

openssl (3.0.2-0ubuntu1.3) jammy; urgency=medium

  * d/p/lp1974037/*: cherry-pick another patchset to fix regressions with the
    previous lp1974037 one (LP: #1974037)
  * d/p/Set-systemwide-default-settings-for-libssl-users: partially apply it on
    Ubuntu to make it easier for user to change security level (LP: #1972056)
  * d/p/lp1947588.patch: Cherry-picked as our patches make it very easy to
    trigger the underlying bug (LP: #1947588)

 -- Simon Chopin <email address hidden> Thu, 09 Jun 2022 13:20:55 +0200

Changed in openssl (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for openssl has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
