Re: profanity segfaults and dumps core in recent snapshots

Fri, 02 Oct 2020 22:55:04 -0700 

On Fri Sep 25, 2020 at 10:07:24AM +0100, Raf Czlonka wrote:
> Hi all,
> 
> As soon as I authenticate against Google's XMPP server - talk.google.com
> - profanity segfaults and dumps core:
> 
>       $ egdb profanity profanity.core  
>       [...]
>       Core was generated by `profanity'.
>       Program terminated with signal SIGSEGV, Segmentation fault.
>       #0  0x00000e6f67fba14f in xmpp_conn_tlscert_fingerprint () from 
> /usr/local/lib/libmesode.so.0.0
>       (gdb) bt
>       #0  0x00000e6f67fba14f in xmpp_conn_tlscert_fingerprint () from 
> /usr/local/lib/libmesode.so.0.0
>       #1  0x00000e6cccde9466 in _xmppcert_to_profcert ()
>       #2  0x00000e6cccde907e in ?? ()
>       #3  0x00000e6f67fc6959 in verify_callback () from 
> /usr/local/lib/libmesode.so.0.0
>       #4  0x00000e6f58058313 in check_id_error (ctx=0x7f7fffff6fd0, 
> errcode=<error reading variable: Cannot access memory at address 0x3e>) at 
> /usr/src/lib/libcrypto/x509/x509_vfy.c:183
>       #5  check_id (ctx=0x7f7fffff6fd0) at 
> /usr/src/lib/libcrypto/x509/x509_vfy.c:213
>       #6  0x00000e6f5801ec31 in x509_verify_cert_hostname (ctx=0xe6f1f627d80, 
> cert=0xe6fb3bc6d00, name=0x0) at /usr/src/lib/libcrypto/x509/x509_verify.c:462
>       #7  x509_verify (ctx=0xe6f1f627d80, leaf=0xe6fb3bc6d00, name=0x0) at 
> /usr/src/lib/libcrypto/x509/x509_verify.c:870
>       #8  0x00000e6f58058de1 in X509_verify_cert (ctx=0x7f7fffff6fd0) at 
> /usr/src/lib/libcrypto/x509/x509_vfy.c:682
>       #9  0x00000e6f355991ed in ssl_verify_cert_chain (s=0xe6f4ca9c300, 
> sk=0xe6ee1db3840) at /usr/src/lib/libssl/ssl_cert.c:447
>       #10 0x00000e6f355b79a5 in tls13_server_certificate_recv 
> (ctx=0xe6f4ca9c400, cbs=<optimized out>) at 
> /usr/src/lib/libssl/tls13_client.c:613
>       #11 0x00000e6f355b777c in tls13_server_certificate_request_recv 
> (ctx=0xe6f4ca9c400, cbs=0x7f7fffff7218) at 
> /usr/src/lib/libssl/tls13_client.c:534
>       #12 0x00000e6f355c6511 in tls13_handshake_recv_action 
> (ctx=0xe6f4ca9c400, action=<optimized out>) at 
> /usr/src/lib/libssl/tls13_handshake.c:500
>       #13 tls13_handshake_perform (ctx=0xe6f4ca9c400) at 
> /usr/src/lib/libssl/tls13_handshake.c:375
>       #14 0x00000e6f355c57d7 in tls13_legacy_connect (ssl=0xe6f4ca9c300) at 
> /usr/src/lib/libssl/tls13_legacy.c:442
>       #15 0x00000e6f67fc6aa5 in tls_start () from 
> /usr/local/lib/libmesode.so.0.0
>       #16 0x00000e6f67fb9542 in conn_tls_start () from 
> /usr/local/lib/libmesode.so.0.0
>       #17 0x00000e6f67fb7274 in _handle_proceedtls_default () from 
> /usr/local/lib/libmesode.so.0.0
>       #18 0x00000e6f67fbbb01 in handler_fire_stanza () from 
> /usr/local/lib/libmesode.so.0.0
>       #19 0x00000e6f67fb8835 in _handle_stream_stanza () from 
> /usr/local/lib/libmesode.so.0.0
>       #20 0x00000e6f67fc76f5 in _end_element () from 
> /usr/local/lib/libmesode.so.0.0
>       #21 0x00000e6f48109821 in doContent (parser=0xe6ee1dbf800, 
> startTagLevel=<optimized out>, enc=<optimized out>, s=<optimized out>, 
> end=0xe6f1a4511ad '\337' <repeats 199 times>, <incomplete sequence \337>..
>           haveMore=1 '\001') at /usr/src/lib/libexpat/lib/xmlparse.c:2600
>       #22 0x00000e6f48106f07 in contentProcessor (parser=0xe6ee1dbf800, 
> start=0x7f7fffff60f0 "ERROR: error number 62", end=0x7 <error: Cannot access 
> memory at address 0x7>, endPtr=0x0) at /usr/src/lib/libexpat/
>       #23 0x00000e6f48102191 in XML_ParseBuffer (parser=0xe6ee1dbf800, 
> len=50, isFinal=0) at /usr/src/lib/libexpat/lib/xmlparse.c:1704
>       #24 0x00000e6f48101ca3 in XML_Parse (parser=0xe6ee1dbf800, 
>           s=0x7f7fffff7620 "<proceed 
> xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>xml:ns:xmpp-tls\"><required/></starttls><mechanisms
>  
> xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\"><mechanism>X-OAUTH2</mechanism><mec
>           len=50, isFinal=0) at /usr/src/lib/libexpat/lib/xmlparse.c:1668
>       #25 0x00000e6f67fbb67e in xmpp_run_once () from 
> /usr/local/lib/libmesode.so.0.0
>       #26 0x00000e6cccde8ada in connection_check_events ()
>       #27 0x00000e6cccde1e3b in prof_run ()
>       #28 0x00000e6ccce5d3de in main ()
> 
> This started happening a week or so ago.
> 
> Around the same time - most likely the same snapshot - lastpass-cli
> stopped working during authentication step, with an "SSL connect
> error" message.
> 
> Bjorn (bket@) found that lastpass-cli behaviour was related to a
> change in lib/libcrypto/x509/x509_vpm.c (r1.22). This has been
> subsequently fixed[0] by jsing@ and lastpass-cli works again.
> 
> This may or may not be related but, given X.509 and TLS appearing
> all over the place in the backtrace, I thought I'd mention it.
> 
> FWIW, profanity does *not* segfault when I authenticate to an XMPP
> server at work.
> 
> [0] https://marc.info/?l=openbsd-cvs&m=160088523031157&w=2
> 
> Please CC me in any replies as I am not subscribed to this mailing list.
> 
> Cheers,
> 
> Raf
> 


Could you test your use-case with the following libmesode update, please?
Upstream committed some "LibreSSL support" changes.

? libmesode-0.10.0-libmesode.so.0.0
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/libmesode/Makefile,v
retrieving revision 1.4
diff -u -p -u -p -r1.4 Makefile
--- Makefile    17 Oct 2019 20:25:03 -0000      1.4
+++ Makefile    3 Oct 2020 05:50:39 -0000
@@ -4,11 +4,11 @@ COMMENT =     fork of libstrophe for use wit
 
 GH_ACCOUNT =   boothj5
 GH_PROJECT =   libmesode
-GH_TAGNAME =   0.9.3
+GH_TAGNAME =   0.10.0
 
 CATEGORIES =   net devel
 
-SHARED_LIBS +=  mesode                    0.0 # 0.0
+SHARED_LIBS +=  mesode                    1.0 # 0.0
 
 MAINTAINER =   Rafael Sadowski <rsadow...@openbsd.org>
 
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/libmesode/distinfo,v
retrieving revision 1.2
diff -u -p -u -p -r1.2 distinfo
--- distinfo    17 Oct 2019 20:25:03 -0000      1.2
+++ distinfo    3 Oct 2020 05:50:39 -0000
@@ -1,2 +1,2 @@
-SHA256 (libmesode-0.9.3.tar.gz) = dG4GRqkXajA6B+yO18RDo4QWrMdD7Rnu3faonZcgn/0=
-SIZE (libmesode-0.9.3.tar.gz) = 149584
+SHA256 (libmesode-0.10.0.tar.gz) = 3fUKqvd44DmwwAtp9A89USOEGOCbfGdMY4j+3KxIrfk=
+SIZE (libmesode-0.10.0.tar.gz) = 150609
Index: patches/patch-configure_ac
===================================================================
RCS file: patches/patch-configure_ac
diff -N patches/patch-configure_ac
--- patches/patch-configure_ac  3 Mar 2019 19:14:28 -0000       1.1.1.1
+++ /dev/null   1 Jan 1970 00:00:00 -0000
@@ -1,19 +0,0 @@
-$OpenBSD: patch-configure_ac,v 1.1.1.1 2019/03/03 19:14:28 rsadowski Exp $
-
-Index: configure.ac
---- configure.ac.orig
-+++ configure.ac
-@@ -18,11 +18,11 @@ AS_CASE([$host_os],
-                    [PLATFORM="nix"])
- 
- PKG_CHECK_MODULES([expat], [expat >= 2.0.0],
--                  [PC_REQUIRES+=(expat)],
-+                  [PC_REQUIRES="expat"],
-                   [AC_CHECK_HEADER([expat.h],
-                                    [
-                                     expat_LIBS="-lexpat"
--                                    PC_LIBS+=($expat_LIBS)
-+                                    PC_LIBS="${expat_LIBS}"
-                                    ],
-                                    [AC_MSG_ERROR([expat not found; expat 
required.])]
-                                   )
Index: pkg/PLIST
===================================================================
RCS file: /cvs/ports/net/libmesode/pkg/PLIST,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 PLIST
--- pkg/PLIST   3 Mar 2019 19:14:28 -0000       1.1.1.1
+++ pkg/PLIST   3 Oct 2020 05:50:39 -0000
@@ -1,6 +1,6 @@
 @comment $OpenBSD: PLIST,v 1.1.1.1 2019/03/03 19:14:28 rsadowski Exp $
 include/mesode.h
-lib/libmesode.a
+@static-lib lib/libmesode.a
 lib/libmesode.la
 @lib lib/libmesode.so.${LIBmesode_VERSION}
 lib/pkgconfig/libmesode.pc

Reply via email to