segfault when compiled without libbsd #1233

Closed
graywolf opened this issue Oct 31, 2023 · 5 comments · Fixed by #1234

@graywolf

Hello,

when I compile opensmtpd without a libbsd, it fails to start with a segfault. Backtrace in the core dump:

#0  arc4random_buf (buf=0x7fff17808040, n=n@entry=40) at ../../openbsd-compat/arc4random.c:94
#1  0x00007fa09ab3f79c in RAND_bytes (buf=buf@entry=0x7fff17808040 "", num=num@entry=40) at rand/rand_lib.c:90
#2  0x000000000045c861 in _rs_stir () at ../../openbsd-compat/arc4random.c:73
#3  0x000000000045cb2e in _rs_stir_if_needed (len=40) at ../../openbsd-compat/arc4random.c:98
#4  _rs_random_buf (n=40, _buf=0x7fff178080d0) at ../../openbsd-compat/arc4random.c:131
#5  arc4random_buf (buf=0x7fff178080d0, n=n@entry=40) at ../../openbsd-compat/arc4random.c:202
#6  0x00007fa09ab3f79c in RAND_bytes (buf=buf@entry=0x7fff178080d0 "", num=num@entry=40) at rand/rand_lib.c:90
#7  0x000000000045c861 in _rs_stir () at ../../openbsd-compat/arc4random.c:73
#8  0x000000000045cb2e in _rs_stir_if_needed (len=40) at ../../openbsd-compat/arc4random.c:98
#9  _rs_random_buf (n=40, _buf=0x7fff17808160) at ../../openbsd-compat/arc4random.c:131
#10 arc4random_buf (buf=0x7fff17808160, n=n@entry=40) at ../../openbsd-compat/arc4random.c:202
#11 0x00007fa09ab3f79c in RAND_bytes (buf=buf@entry=0x7fff17808160 "", num=num@entry=40) at rand/rand_lib.c:90
#12 0x000000000045c861 in _rs_stir () at ../../openbsd-compat/arc4random.c:73
#13 0x000000000045cb2e in _rs_stir_if_needed (len=40) at ../../openbsd-compat/arc4random.c:98
#14 _rs_random_buf (n=40, _buf=0x7fff178081f0) at ../../openbsd-compat/arc4random.c:131
#15 arc4random_buf (buf=0x7fff178081f0, n=n@entry=40) at ../../openbsd-compat/arc4random.c:202
#16 0x00007fa09ab3f79c in RAND_bytes (buf=buf@entry=0x7fff178081f0 "", num=num@entry=40) at rand/rand_lib.c:90
#17 0x000000000045c861 in _rs_stir () at ../../openbsd-compat/arc4random.c:73
#18 0x000000000045cb2e in _rs_stir_if_needed (len=40) at ../../openbsd-compat/arc4random.c:98
#19 _rs_random_buf (n=40, _buf=0x7fff17808280) at ../../openbsd-compat/arc4random.c:131
#20 arc4random_buf (buf=0x7fff17808280, n=n@entry=40) at ../../openbsd-compat/arc4random.c:202
#21 0x00007fa09ab3f79c in RAND_bytes (buf=buf@entry=0x7fff17808280 "", num=num@entry=40) at rand/rand_lib.c:90
#22 0x000000000045c861 in _rs_stir () at ../../openbsd-compat/arc4random.c:73
#23 0x000000000045cb2e in _rs_stir_if_needed (len=40) at ../../openbsd-compat/arc4random.c:98
#24 _rs_random_buf (n=40, _buf=0x7fff17808310) at ../../openbsd-compat/arc4random.c:131
#25 arc4random_buf (buf=0x7fff17808310, n=n@entry=40) at ../../openbsd-compat/arc4random.c:202
#26 0x00007fa09ab3f79c in RAND_bytes (buf=buf@entry=0x7fff17808310 "", num=num@entry=40) at rand/rand_lib.c:90
#27 0x000000000045c861 in _rs_stir () at ../../openbsd-compat/arc4random.c:73
#28 0x000000000045cb2e in _rs_stir_if_needed (len=40) at ../../openbsd-compat/arc4random.c:98
#29 _rs_random_buf (n=40, _buf=0x7fff178083a0) at ../../openbsd-compat/arc4random.c:131
...

That goes on for a while; I stopped gdb at stack depth #238808. I believe the cause is _rs_stir calling RAND_bytes, which (only in libressl's implementation) calls arc4random_buf, leading to the loop.

libbsd does not use RAND_bytes, openssl does not use arc4random_buf, meaning both conditions (no libbsd, use libressl) need to be fulfilled for the crash to occur.

mbakke pushed a commit to guix-mirror/guix that referenced this issue Oct 31, 2023
This time fixing a segfault reported & debugged entirely by graywolf.
See: <OpenSMTPD/OpenSMTPD#1233>

So, what went wrong here?  Mostly me being entirely convinced, to the
point of not even looking, that we have no opensmtpd system test.  We
do.  Instead, I tested the update on my own mail server, which for
entirely unhysterical raisins happens to link OpenSMTPd against OpenSSL
and so just happens to sidestep this bug.  Aiya.

* gnu/packages/mail.scm (opensmtpd): Update to 7.4.0p0.
[native-inputs]: Add pkg-config.
[inputs]: Add libbsd.
[arguments]: Add "--with-libbsd" to #:configure-flags.

Co-authored-by: graywolf in #guix
Change-Id: I5536b828eecd16f041ed9381b16bd7aa54158155
@omar-polo
Contributor

@graywolf thanks for the detailed report and sorry for the delay.

This happens to be a problem that was fixed in libressl 3.8 (libressl/portable@54b31ce) that no longer exports the compat symbols in libcrypto.

Still, we can do something in configure to avoid this (i.e. checking arc4random() after libcrypto)

omar-polo added a commit that referenced this issue Nov 2, 2023
LibreSSL pre 3.8 leaks the symbols of their compats in libcrypto.
This is particularly painful with arc4random() which, in our
implementation, relies on libcrypto.  LibreSSL's RAND_add() calls
itself arc4random_buf() resulting in an infinite loop due to the
symbol clash.

Instead, check for arc4random() only after we've found libcrypto, and
re-establish the prototype hack in openbsd-compat.h.  Hopefully we'll
be able to get rid of this workaround in a few releases.

Issue reported by @graywolf, thank you!

Fixes #1233
@omar-polo
Contributor

#1234 should fix this by re-using arc4random() from libcrypto if found. Can you please test that it works for you too?

Thanks!
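
The call cycle from the backtrace, reduced to a small model (an added example, not OpenSMTPD or LibreSSL source). The names `model_RAND_bytes`, `libcrypto_private_buf`, `deepest_call` and `DEPTH_CAP` are assumptions made for the illustration; the depth cap stands in for the real stack exhaustion.

```c
/* Simplified model of the symbol clash; not OpenSMTPD or LibreSSL code. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define DEPTH_CAP 64            /* stand-in for running out of stack */
typedef void (*randbuf_fn)(void *, size_t);

/* Which arc4random_buf the linker bound for calls made inside libcrypto. */
static randbuf_fn bound_in_libcrypto;
static int depth, max_depth, seeded;

/* Model: libcrypto's own generator, used when nothing interposes. */
static void libcrypto_private_buf(void *buf, size_t n) { memset(buf, 0xA5, n); }

/* Model: LibreSSL < 3.8 RAND_bytes() forwards to the symbol arc4random_buf. */
static int model_RAND_bytes(void *buf, size_t n)
{
    bound_in_libcrypto(buf, n);
    return 1;
}

/* Model: the application's compat arc4random_buf, which seeds via RAND_bytes. */
static void compat_arc4random_buf(void *buf, size_t n)
{
    if (++depth > max_depth) max_depth = depth;
    if (!seeded && depth < DEPTH_CAP) {
        unsigned char seed[40];         /* 40 bytes, as in the backtrace */
        model_RAND_bytes(seed, sizeof(seed));
        seeded = 1;                     /* only set after the stir returns */
    }
    memset(buf, 0x5A, n);
    depth--;
}

/* Returns the deepest nesting of compat_arc4random_buf for one request. */
static int deepest_call(randbuf_fn libcrypto_binding)
{
    unsigned char out[16];
    bound_in_libcrypto = libcrypto_binding;
    depth = max_depth = seeded = 0;
    compat_arc4random_buf(out, sizeof(out));
    return max_depth;
}

int main(void)
{
    printf("symbol clash: depth %d (capped)\n", deepest_call(compat_arc4random_buf));
    printf("no clash:     depth %d\n", deepest_call(libcrypto_private_buf));
    return 0;
}
```

Because the seeded flag is only set after the stir returns, every nested call sees an unseeded state and stirs again; without the cap the first case never terminates.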

@omar-polo
Contributor

@graywolf ah, please make sure to re-run ./bootstrap after applying the diff from the PR since it touches the configure.ac file. Thanks!

@graywolf
Author

graywolf commented Nov 6, 2023

After applying the patch and running autoreconf -i (I overlooked the bootstrap), it seems to work. Thank you for fixing it :)

@graywolf graywolf closed this as completed Nov 6, 2023
@omar-polo
Contributor

Thank you for confirming the fix :)

omar-polo added a commit that referenced this issue Nov 6, 2023
LibreSSL pre 3.8 leaks the symbols of their compats in libcrypto.
This is particularly painful with arc4random() which, in our
implementation, relies on libcrypto.  LibreSSL's RAND_add() calls
itself arc4random_buf() resulting in an infinite loop due to the
symbol clash.

Instead, check for arc4random() only after we've found libcrypto, and
re-establish the prototype hack in openbsd-compat.h.  Hopefully we'll
be able to get rid of this workaround in a few releases.

Issue reported by @graywolf, thank you!

Fixes #1233