On Thu, 18 May 2023 at 13:16, RVP <r...@sdf.org> wrote: > > On Thu, 18 May 2023, Chavdar Ivanov wrote: > > > Yes indeed, with SIGILL passed I get: > > > > > > Program received signal SIGSEGV, Segmentation fault. > > 0x0000f03114c97890 in EC_GROUP_order_bits () from /usr/lib/libcrypto.so.14 > > (gdb) bt > > #0 0x0000f03114c97890 in EC_GROUP_order_bits () from > > /usr/lib/libcrypto.so.14 > > #1 0x0000f031154898a4 in engine_unlocked_init () from > > /usr/lib/libcrypto.so.15 > > #2 0x0000f03115489ab0 in ENGINE_init () from /usr/lib/libcrypto.so.15 > > #3 0x0000f031153d11f0 in ?? () from /usr/lib/libcrypto.so.15 > > #4 0x0000f03115694c30 in ssl_setup_sig_algs () from /usr/lib/libssl.so.15 > > #5 0x0000f031156a85c4 in SSL_CTX_new_ex () from /usr/lib/libssl.so.15 > > #6 0x000000000f1be6d8 in fetch_start_ssl () > > #7 0x000000000f1b0dfc in fetch_url () > > #8 0x000000000f1b3128 in auto_fetch () > > #9 0x000000000f1bf944 in main () > > > > You can see the cause right in that stack trace: > > EC_GROUP_order_bits is from libcrypto.so.14, but, > engine_unlocked_init etc., are from libcrypto.so.15 > > This is our old friend: library interpositioning and it happens due to > this: > > $ readelf -d /mnt/usr/bin/ftp | f NEEDED > 0x0000000000000001 NEEDED Shared library: [libedit.so.3] > 0x0000000000000001 NEEDED Shared library: [libterminfo.so.2] > 0x0000000000000001 NEEDED Shared library: [libssl.so.14] > 0x0000000000000001 NEEDED Shared library: [libcrypto.so.14] > 0x0000000000000001 NEEDED Shared library: [libc.so.12] > $ readelf -d /mnt/usr/lib/libssl.so.14 | f NEEDED > 0x0000000000000001 NEEDED Shared library: [libcrypto.so.14] > 0x0000000000000001 NEEDED Shared library: [libc.so.12] > > > So, my ftp binary explicitly needs `libcrypto.so.14'. and `libssl' also has > _the same version_ as a dependency. But, in your case, the ftp binary will > show `libcrypto.so.15', but libssl will need `libcrypto.so.14'. Ie. the > compiler linked in the newer version explicitly (cc ... -lcrypto') and the > other one was brought in implicitly via libssl.
Indeed: # readelf -d /usr/bin/ftp | grep NEEDED 0x0000000000000001 (NEEDED) Shared library: [libedit.so.3] 0x0000000000000001 (NEEDED) Shared library: [libterminfo.so.2] 0x0000000000000001 (NEEDED) Shared library: [libssl.so.15] 0x0000000000000001 (NEEDED) Shared library: [libcrypto.so.15] 0x0000000000000001 (NEEDED) Shared library: [libc.so.12] # readelf -d /usr/lib/libssl.so.15.0 | grep NEEDED 0x0000000000000001 (NEEDED) Shared library: [libcrypto.so.14] 0x0000000000000001 (NEEDED) Shared library: [libc.so.12] Rebuilding clean now. Thanks, Chavdar > > -RVP > -- ----