On Wed, 2017-03-29 at 09:42 -0500, Brandon Perry wrote:
> > On Mar 29, 2017, at 9:35 AM, Nikos Mavrogiannopoulos <n.mavrogianno[email protected]> wrote:
> >
> > Could you please provide a reproducer? The easiest to create it would
> > be following decoding-invalid-pkcs7 lines in tests/
>
> Let me see what I can do. It is easy to reproduce with FreeTDS, though.
>
> Compile FreeTDS (https://github.com/FreeTDS/freetds) and preeny (https://github.com/zardus/preeny)
>
> You then use the preeny desock.so to force the FreeTDS binary tsql to
> read data from stdin instead of network IO.
>
> export LD_PRELOAD=~/preeny/x86_64-linux-gnu/desock.so
>
> ~/tsql -S 127.0.0.1 -U fdsa -P fdsa < file_to_repro_crash
>
> Perhaps you could compile FreeTDS with a debug copy of
> GnuTLS/libtasn1 to make it easier to track down? I can also work on a
> reproducible test case in the mean time, but I am not sure at all how
> long this could take.

I'd really prefer a reproducer for libtasn1 proper. There can be other factors that lead to a double free, and a simple reproducer will make sure that the error is pin-pointed to libtasn1.

> Do you want the file that reproduces the crash to be sent here on the
> list or separately?

The list is fine.

> > > None @ 0x00007ffff512e22a: in /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.1
> > > asn1_delete_structure2 @ 0x00007ffff512f418: in /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.1
> > > None @ 0x00007ffff720e27c: in /usr/lib/x86_64-linux-gnu/libgnutls.so.30.6.2

As far as I understand that's a crash on the deinitialization of gnutls. That's pretty weird. Have you checked with valgrind or asan that there is no memory corruption involved somewhere?

regards,
Nikos
