Re: libcrypto++ segfault on i386?

Fri, 08 May 2009 14:57:58 -0700 

Jens Peter Secher wrote:
> Am I right in thinking that SecBlock(size=16) looks odd considering that
> everything else in the trace use sizes of 32?

I don't think that's it. 16 is the number of word32, and should be correct. 
One problem is here:

m_state = {<CryptoPP::FixedSizeSecBlock<unsigned int, 16u,
CryptoPP::FixedSizeAllocatorWithCleanup<unsigned int, 16u,
CryptoPP::NullAllocator<unsigned int>, true> >> =
{<CryptoPP::SecBlock<unsigned int,
CryptoPP::FixedSizeAllocatorWithCleanup<unsigned int, 16u,
CryptoPP::NullAllocator<unsigned int>, true> >> = {m_alloc =
{<CryptoPP::AllocatorBase<unsigned int>> = {<No data fields>}, m_array
= {4294967295,
              3086458868, 134580384, 3086460528, 3220673504,
3086397003, 3086460968, 0, 1, 1, 0, 134629935, 2114, 0, 139192488, 1,
              3080978708, 3086029504},
            m_fallbackAllocator = {<CryptoPP::AllocatorBase<unsigned
int>> = {<No data fields>}, <No data fields>},
            m_allocated = false}, m_size = 0, m_ptr = 0x0}

Note that m_state.m_ptr = 0x0, which means m_state hasn't been constructed 
when the segfault happened. Why? On the segfault stack it's going through 
line 88 of iterhash.h:

IteratedHashWithStaticTransform() {this->Init();}

m_state belongs to IteratedHashWithStaticTransform, and the segfault is 
happening inside Init(), so m_state should have been constructed already. 
Also, look at this part:

#2  0xb7df5e09 in CryptoPP::SHA256::InitState (state=0xb7f70980) at 
sha.cpp:96

The state parameter should equal m_state.m_ptr. But m_state.m_ptr is shown 
as 0x0, and state is shown as 0xb7f70980. 0xb7f70980 certainly isn't correct 
either, since m_state should be near m_data, which is at 0xbff79340. I see 
this:

key = (const byte *) 0xb7f70980 "Z\213\f$\211\004$\213D$\004Â\f"

This variable isn't in my copy of randpool.cpp. Is it something you added to 
help debugging? In any case, I don't understand how that value got passed to 
InitState().

If you can't figure this out, please send me instructions to reproduce the 
bug. 


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" 
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at 
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Reply via email to