This repository has been archived by the owner on Jun 24, 2021. It is now read-only.

SIGABRT with gnutls 3.3 on debian jessie #210

Closed
anarcat opened this issue Aug 17, 2016 · 3 comments

anarcat commented Aug 17, 2016

I am trying to backport Charybdis 3.5.2p1 to Debian jessie 8.5. After a while, the SSLd process crashes with SIGABRT:

Program received signal SIGABRT, Aborted.
0x00007fc837c1a067 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56      ../nptl/sysdeps/unix/sysv/linux/raise.c: Aucun fichier ou dossier de ce type.
(gdb) bt
#0  0x00007fc837c1a067 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007fc837c1b448 in __GI_abort () at abort.c:89
#2  0x00007fc8385fa1e1 in rb_vsnprintf (buf=0x1fbc <error: Cannot access memory at address 0x1fbc>, size=8124, fmt=0x7fc8385ffb89 "s-%s-%s", args=0xffffffffffffffff, 
    args@entry=0x7ffca78c5c08) at snprintf.c:452
#3  0x00007fc8385fa272 in rb_snprintf (buf=buf@entry=0x7fc838817b40 <buf> "TLS1.2-ECDHE-RSA-AES-256-GCM-AEAD", size=size@entry=1024, 
    fmt=fmt@entry=0x7fc8385ffb85 "%s-%s-%s-%s") at snprintf.c:611
#4  0x00007fc8385f722b in rb_ssl_get_cipher (F=0x7fc838a36810) at gnutls.c:676
#5  0x00000000004022d5 in ssl_send_cipher (conn=conn@entry=0x7502c0) at ssld.c:674
#6  0x0000000000402f94 in ssl_process_accept_cb (F=<optimized out>, status=<optimized out>, addr=<optimized out>, len=<optimized out>, data=0x7502c0) at ssld.c:711
#7  0x00007fc8385f6857 in rb_ssl_start_accepted (new_F=0x7fc838a36810, cb=cb@entry=0x402f70 <ssl_process_accept_cb>, data=data@entry=0x7502c0, 
    timeout=timeout@entry=10) at gnutls.c:172
#8  0x0000000000403746 in ssl_process_accept (ctlb=0x754630, ctl=0x71a130) at ssld.c:771
#9  mod_process_cmd_recv (ctl=0x71a130) at ssld.c:1017
#10 mod_read_ctl (F=<optimized out>, data=0x71a130) at ssld.c:1137
#11 0x00007fc8385fb8ba in rb_select_epoll (delay=<optimized out>) at epoll.c:199
#12 0x00007fc8385f538c in rb_select (timeout=timeout@entry=18446744073709551615) at commio.c:2105
#13 0x00007fc8385f7f5c in rb_lib_loop (delay=delay@entry=0) at ratbox_lib.c:229
#14 0x0000000000401cef in main (argc=<optimized out>, argv=<optimized out>) at ssld.c:1258

It looks like some null pointer is passed to the rb_snprintf function, here: https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/gnutls.c#L671-L683

More precisely, I have been able to infer that the gnutls_kx_get_name function returns null:

(gdb) p gnutls_protocol_get_version(*((gnutls_session_t *)F->ssl))
$26 = 4
(gdb) p gnutls_cipher_get(*((gnutls_session_t *)F->ssl))
$27 = 1
(gdb) p gnutls_mac_get(*((gnutls_session_t *)F->ssl))
$28 = 1
(gdb) p gnutls_kx_get_name(gnutls_kx_get(*((gnutls_session_t *)F->ssl)))
$29 = 0

It is unclear what triggers the crash. When the server starts, I can connect to it with a TLS client, and it can link with other servers running charybdis 3.4 + gnutls without problems. /whois works as well, but after a few minutes, the ssld daemon crashes.

Note that jessie has gnutls 3.3, and not 3.4, so this could be why this worked when it was implemented?

mbedtls is not backported to jessie yet, so switching to that library is problematic. Using openssl has licensing issues (not mentioning security issues as well).

I'm currently testing this pretty naive patch:

diff --git a/libratbox/src/gnutls.c b/libratbox/src/gnutls.c
index f51211f..256fed8 100644
--- a/libratbox/src/gnutls.c
+++ b/libratbox/src/gnutls.c
@@ -672,10 +672,11 @@ const char *
 rb_ssl_get_cipher(rb_fde_t *F)
 {
    static char buf[1024];
-
+        char * kx;
+        kx = gnutls_kx_get_name(gnutls_kx_get(SSL_P(F)));
    rb_snprintf(buf, sizeof(buf), "%s-%s-%s-%s",
        gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F))),
-       gnutls_kx_get_name(gnutls_kx_get(SSL_P(F))),
+                kx ? kx : "NULL",
        gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F))),
        gnutls_mac_get_name(gnutls_mac_get(SSL_P(F))));
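Review bot: `char * kx;` on the first added line discards a qualifier, since gnutls_kx_get_name() returns `const char *`; declare it `const char *kx = gnutls_kx_get_name(gnutls_kx_get(SSL_P(F)));` instead. The guard also covers only the key-exchange name, while gnutls_protocol_get_name(), gnutls_cipher_get_name() and gnutls_mac_get_name() can equally return NULL for an algorithm id they do not know, so the same abort in rb_vsnprintf stays reachable through the other three `%s` arguments; a single null-to-placeholder helper applied to all four would close it. The added lines are space-indented where the surrounding block uses tabs.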

Here is the full stack trace:

(gdb) bt full
#0  0x00007fc837c1a067 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
        resultvar = 0
        pid = 8124
        selftid = 8124
#1  0x00007fc837c1b448 in __GI_abort () at abort.c:89
        save_stage = 2
        act = {__sigaction_handler = {sa_handler = 0x400, sa_sigaction = 0x400}, sa_mask = {__val = {140497916003408, 140497918196544, 140497918311879, 1, 0, 0, 
              140497905433896, 7, 140497918196544, 140723119479816, 140497918337765, 4294967295, 40, 140497916003476, 140723119479872, 140497916001161}}, 
          sa_flags = 83, sa_restorer = 0xffffffff}
        sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007fc8385fa1e1 in rb_vsnprintf (buf=0x1fbc <error: Cannot access memory at address 0x1fbc>, size=8124, fmt=0x7fc8385ffb89 "s-%s-%s", args=0xffffffffffffffff, 
    args@entry=0x7ffca78c5c08) at snprintf.c:452
        num = 18446744073709551615
        base = 83
        s = 0x0
        qualifier = 514
#3  0x00007fc8385fa272 in rb_snprintf (buf=buf@entry=0x7fc838817b40 <buf> "TLS1.2-ECDHE-RSA-AES-256-GCM-AEAD", size=size@entry=1024, 
    fmt=fmt@entry=0x7fc8385ffb85 "%s-%s-%s-%s") at snprintf.c:611
        args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7ffca78c5ce0, reg_save_area = 0x7ffca78c5c20}}
        i = 0
#4  0x00007fc8385f722b in rb_ssl_get_cipher (F=0x7fc838a36810) at gnutls.c:676
        buf = "TLS1.2-ECDHE-RSA-AES-256-GCM-AEAD", '\000' <repeats 990 times>
#5  0x00000000004022d5 in ssl_send_cipher (conn=conn@entry=0x7502c0) at ssld.c:674
        len = <optimized out>
        buf = "(^\214\247\374\177\000\000S\n`8\310\177\000\000\000\000\000\000\000\000\000\000p%u\000\000\000\000\000\022\000\000\000\000\000\000\000\005\000\000\000\000\000\000\000\005\000\000\000\000\000\000\000r\365_8\310\177\000\000\t\000\000\000\000\000\000\000\260\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000\062\000\000\000\060", '\000' <repeats 11 times>, "[\000\000\000\374\177", '\000' <repeats 18 times>, "n\000\000\000w", '\000' <repeats 11 times>, "|\000\000\000\000\000\000\000y\022\314\067\310\177\000\000\021\000\000\000\000\000\000\000 \246\370\067\310\177\000\000\200\000\000\000\000\000\000\000\020\000\000\000\310\177\000\000@_\214\247\374\177\000\000"...
        cstring = "|\000\000\000\374\177\000\000 \246\370\067\310\177\000\000\000\000\000\000\000\000\000\000\060`\214\247\374\177\000\000\300\002u\000\000\000\000\000p/@\000\000\000\000\000\025ǚ7\310\177\000\000 \020\306\067\310\177\000\000\300\002u", '\000' <repeats 13 times>, "@}o\000\000\000\000\000\060`\214\247\374\177\000\000\300\002u\000\000\000\000\000\001\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\016\340\217\067\310\177\000\000\021\000\000\000\374\177\000\000\060\006w\000\000\000\000\000@}o", '\000' <repeats 13 times>, "\025ǚ7\310\177\000\000\340]\214\247\374\177\000\000\000\000\000\000\000\000\000\000A\346\305\067\310\177\000\000@}o", '\000' <repeats 17 times>...
        p = <optimized out>
#6  0x0000000000402f94 in ssl_process_accept_cb (F=<optimized out>, status=<optimized out>, addr=<optimized out>, len=<optimized out>, data=0x7502c0) at ssld.c:711
        len = <optimized out>
        data = 0x7502c0
        F = <optimized out>
        addr = <optimized out>
        conn = 0x7502c0
#7  0x00007fc8385f6857 in rb_ssl_start_accepted (new_F=0x7fc838a36810, cb=cb@entry=0x402f70 <ssl_process_accept_cb>, data=data@entry=0x7502c0, 
    timeout=timeout@entry=10) at gnutls.c:172
        ad = 0x726580
#8  0x0000000000403746 in ssl_process_accept (ctlb=0x754630, ctl=0x71a130) at ssld.c:771
        conn = 0x7502c0
#9  mod_process_cmd_recv (ctl=0x71a130) at ssld.c:1017
        ptr = 0x754630
        next = 0x0
        ctl_buf = 0x754630
#10 mod_read_ctl (F=<optimized out>, data=0x71a130) at ssld.c:1137
        ctl_buf = 0x0
        ctl = 0x71a130
---Type <return> to continue, or q <return> to quit---
        retlen = <optimized out>
        i = <optimized out>
#11 0x00007fc8385fb8ba in rb_select_epoll (delay=<optimized out>) at epoll.c:199
        hdl = <optimized out>
        F = 0x7fc838a36e70
        num = <optimized out>
        flags = <optimized out>
        old_flags = 1
        op = <optimized out>
        ep_event = {events = 7446832, data = {ptr = 0x0, fd = 0, u32 = 0, u64 = 0}}
        o_errno = <optimized out>
        data = <optimized out>
#12 0x00007fc8385f538c in rb_select (timeout=timeout@entry=18446744073709551615) at commio.c:2105
        ret = <optimized out>
#13 0x00007fc8385f7f5c in rb_lib_loop (delay=delay@entry=0) at ratbox_lib.c:229
        next = <optimized out>
#14 0x0000000000401cef in main (argc=<optimized out>, argv=<optimized out>) at ssld.c:1258
        s_ctlfd = <optimized out>
        s_pipe = <optimized out>
        s_pid = <optimized out>
        x = <optimized out>
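A null-safe version of the string-building step in rb_ssl_get_cipher, as an added example and not code from this issue or from Charybdis: it guards all four components rather than only the key-exchange name, since any of the gnutls *_get_name() functions returns NULL for an algorithm id it does not know. The function takes the already fetched names as parameters (an assumption made so it builds without gnutls) and reports truncation instead of silently cutting the string.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Return s, or the placeholder when the library handed back NULL.
 * On the page, gnutls_kx_get_name() returned NULL for a session and
 * the "%s" in rb_snprintf then aborted in rb_vsnprintf (s = 0x0). */
static const char *name_or(const char *s, const char *placeholder)
{
    return s ? s : placeholder;
}

/* Build "PROTO-KX-CIPHER-MAC" into buf. Every component is guarded,
 * not just the key exchange, so no NULL can reach the format call.
 * Returns the number of characters written (excluding the NUL), or -1
 * when the result did not fit in size bytes. */
int build_cipher_string(char *buf, size_t size,
                        const char *proto, const char *kx,
                        const char *cipher, const char *mac)
{
    int n = snprintf(buf, size, "%s-%s-%s-%s",
                     name_or(proto, "UNKNOWN"),
                     name_or(kx, "UNKNOWN"),
                     name_or(cipher, "UNKNOWN"),
                     name_or(mac, "UNKNOWN"));
    if (n < 0 || (size_t)n >= size)
        return -1;            /* encoding error or truncated */
    return n;
}

int main(void)
{
    char buf[1024];
    /* Constructed sample using the names visible in the backtrace,
     * with kx NULL as it was in the crashing session. */
    if (build_cipher_string(buf, sizeof buf,
                            "TLS1.2", NULL, "AES-256-GCM", "AEAD") < 0)
        return 1;
    puts(buf);   /* TLS1.2-UNKNOWN-AES-256-GCM-AEAD */
    return 0;
}
```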
@aaronmdjones aaronmdjones self-assigned this Aug 17, 2016
@aaronmdjones

(Please see commit 06feeb2)


anarcat commented Aug 17, 2016

and b24cfd7 and f15a30a

Patches work, thanks - factored into the Debian package. I encourage you to make a new 3.5 release to ship this.

Thanks!

@anarcat anarcat closed this as completed Aug 17, 2016

kaniini commented Aug 17, 2016

3.5.3/4-rc4 will be released to solve this issue.
