Your message dated Tue, 17 Mar 2020 23:42:42 +0100
with message-id <20200317224242.airo2s3sn6rqbonr@flow>
and subject line Close "openssl: `openssl speed foobar` segfaults"
has caused the Debian Bug report #917616,
regarding openssl: `openssl speed foobar` segfaults
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
917616: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917616
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: openssl
Version: 1.1.0j-1~deb9u1
Severity: minor
Tags: patch stretch upstream

Dear Maintainer,

   * What led up to the situation?

Invoking `openssl speed` with unrecognized/unsupported algorithm, e.g.
  openssl speed foobar
or even
  openssl speed help

   * What was the outcome of this action?

openssl segfaults.

   * What outcome did you expect instead?

Error message/list of supported algorithms/etc

gdb backtrace:
(gdb) bt
#0  __strcmp_ia32 () at ../sysdeps/i386/i686/multiarch/../strcmp.S:34
#1 0x566a488e in opt_found (nbelem=<optimized out>, pairs=0x566ddc28 <ecdh_choices+136>, result=<optimized out>, name=<optimized out>) at ../apps/speed.c:298
#2  speed_main (argc=1, argv=0xff8b192c) at ../apps/speed.c:1515
#3  0x56667615 in do_cmd (prog=0x584b4c20, argc=2, argv=0xff8b1928)
    at ../apps/openssl.c:476
#4  0x56667d19 in main (argc=2, argv=0xff8b1928) at ../apps/openssl.c:181

This bug apparently was introduced in
commit 4e07941373ac17086ab4e601950c4ca148e8bb31
due to mismerge of cherry-picked commit 5c6a69f539a5eb66a1afa4e2904d8a27e9b534c3

I have not run-tested, but from looking at sources, it should not be present in openssl-1.1.1 or master (so only stretch is affected).

(Untested) patch attached.

-- System Information:
Debian Release: 9.6
  APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'proposed-updates'), (500, 'stable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.9.0-6-amd64 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R), LANGUAGE=ru_RU.KOI8-R (charmap=KOI8-R)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssl depends on:
ii  libc6      2.24-11+deb9u3
ii  libssl1.1  1.1.0j-1~deb9u1

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates  20161130+nmu1+deb9u1

-- no debconf information

diff --git a/apps/speed.c b/apps/speed.c
index 6672fe606a..4595cc602c 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -537,7 +537,6 @@ static const OPT_PAIR ecdh_choices[] = {
     {"ecdhb409", R_EC_B409},
     {"ecdhb571", R_EC_B571},
     {"ecdhx25519", R_EC_X25519},
-    {NULL}
 };
 # define EC_NUM       OSSL_NELEM(ecdh_choices)
 


--- End Message ---
--- Begin Message ---
Version: 1.1.0k-1~deb9u1

Fixed by commit 3318493b85a81 ("apps/speed: fix segfault while looking
up algorithm name") which is part of 1.1.0k.

Sebastian

--- End Message ---

Reply via email to