Good evening. I'm reporting a segfault in openssl via the command line "openssl rsa -in testcase -check" using a malformed private key. I'm using american fuzzy lop (http://lcamtuf.coredump.cx/afl/) to fuzz openssl.
The testcase, which I've attached to this email, is a mutation of a valid private ssl key. Doesn't appear to be exploitable according to CERTs exploitable plugin (https://github.com/jfoote/exploitable) for GDB, but there are smarter people than I out there in the world. I compiled openssl with the afl-gcc included with american fuzzy lop for instrumenting binaries: CC=/path/to/afl-gcc ./config AFL_HARDEN=1 make Here is the output from GDB and Valgrind: Program received signal SIGSEGV, Segmentation fault. 0x00000000009899ff in pkey_cb (pval=0x7fffffffd6f0, operation=<optimized out>, it=<optimized out>, exarg=<optimized out>) at p8_pkey.c:72 72 if (key->pkey->value.octet_string) (gdb) exploitable Description: Access violation near NULL on source operand Short description: SourceAvNearNull (16/22) Hash: 589e66012e1218a63f994739c4ec4083.0007be4bb08747c7f86854a2a873ea7a Exploitability Classification: PROBABLY_NOT_EXPLOITABLE Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation, which may mean the application crashed on a simple NULL dereference to data structure that has no immediate effect on control of the processor. Other tags: AccessViolation (21/22) (gdb) bt #0 0x00000000009899ff in pkey_cb (pval=0x7fffffffd6f0, operation=<optimized out>, it=<optimized out>, exarg=<optimized out>) at p8_pkey.c:72 #1 pkey_cb (operation=2, pval=0x7fffffffd6f0, it=<optimized out>, exarg=0x0) at p8_pkey.c:66 #2 0x0000000000951fa8 in asn1_item_combine_free (pval=0x7fffffffd6f0, it=0xd09e40, combine=0) at tasn_fre.c:149 #3 0x000000000095e64b in ASN1_item_ex_d2i (pval=pval@entry=0x7fffffffd6f0, in=<optimized out>, len=1196, it=0xd09e40, tag=<optimized out>, tag@entry=-1, aclass=<optimized out>, aclass@entry=0, opt=opt@entry=0 '\000', ctx=ctx@entry=0x7fffffffd700) at tasn_dec.c:484 #4 0x0000000000960bd9 in ASN1_item_d2i (pval=<optimized out>, in=<optimized out>, len=<optimized out>, it=<optimized out>) at tasn_dec.c:146 #5 0x00000000009a17b9 in PEM_read_bio_PrivateKey (bp=<optimized out>, x=0x0, cb=0x4d0510 <password_callback>, u=0x7fffffffdbf0) at pem_pkey.c:94 #6 0x00000000004d7a6c in load_key (err=0xf88010, file=0x7fffffffe60e "./id:000016,sig:11,src:000000,op:havoc,rep:2", format=3, maybe_stdin=1, pass=<optimized out>, e=<optimized out>, key_descrip=0xcc01c6 "Private Key") at apps.c:989 #7 0x0000000000458af4 in rsa_main (argc=<optimized out>, argv=<optimized out>) at rsa.c:291 #8 0x000000000040c3e8 in do_cmd (prog=prog@entry=0xfa47a0, argc=4, argv=argv@entry=0x7fffffffe370) at openssl.c:472 ---Type <return> to continue, or q <return> to quit--- #9 0x000000000040b63c in main (Argc=<optimized out>, Argv=0x7fffffffe370) at openssl.c:366 #10 0x00007ffff786bead in __libc_start_main (main=<optimized out>, argc=<optimized out>, ubp_av=<optimized out>, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe358) at libc-start.c:244 #11 0x000000000040bbd1 in _start () (gdb) i r rax 0xfa5d20 16407840 rbx 0xd09e40 13672000 rcx 0x0 0 rdx 0x0 0 rsi 0x7fffffffd6f0 140737488344816 rdi 0x2 2 rbp 0x7fffffffd6f0 0x7fffffffd6f0 rsp 0x7fffffffd550 0x7fffffffd550 r8 0x4 4 r9 0x4 4 r10 0x0 0 r11 0x1 1 r12 0xd09e40 13672000 r13 0x7fffffffd6f0 140737488344816 r14 0xfa6136 16408886 r15 0x9898d0 10000592 rip 0x9899ff 0x9899ff <pkey_cb+247> eflags 0x10246 [ PF ZF IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 Regards, Brian 'geeknik' Carpenter
opensslkeycrash.gz
Description: GNU Zip compressed data
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
