Marcelo and I took a look at this...

o_init.c in openssl has the following constructor, introduced for fips.
void __attribute__ ((constructor)) OPENSSL_init_library(void)

OPENSSL_init_library() when OPENSSL_FIPS is defined, calls
RAND_init_fips() which eventually calls RAND_poll() which calls
time(NULL). This can get called before libfaketime has initialized. Thus
the core dump.

We noticed the following commit in libfaketime that takes care of the constructor situation:
https://github.com/wolfcw/libfaketime/commit/0bde083556e243e87bddaaf94e68f2ef85dad769
This commit will allow libfaketime to call its init routine if it has not yet been called.
This commit is not in the current version of libfaketime in xenial.

I compiled libfaketime in github and tried my testcase and it worked.
I used the testcase that was referenced above at 
https://github.com/wolfcw/libfaketime/issues/93

So we need the above commit for libfaketime.


** Bug watch added: github.com/wolfcw/libfaketime/issues #93
   https://github.com/wolfcw/libfaketime/issues/93

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1613658

Title:
  OPENSSL_init_library () crash in conjunction with faketime

Status in openssl package in Ubuntu:
  New

Bug description:
  Programs that use the openssl library will crash when they are run in
  "faketime" (the tool that sets the system date to a certain faked
  time/date).

  Impact: this bug makes it impossible to do a deterministic build of
  an application using for example cmake and faketime.

  Also, according to https://github.com/wolfcw/libfaketime/issues/93
  this is not a bug of libfaketime or cmake. This bug comes from the openssl library.

  
  Reproduce example:
  $ REFERENCE_DATETIME="2016-08-05 00:00:00"  
  $ export LD_PRELOAD=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1
  $ export FAKETIME=$REFERENCE_DATETIME
  $ cmake . --> Segmentation fault (core dumped)  ## Even with empty CMakeLists.txt file

  
  ($gdb cmake .) output:
  (gdb) run
  Starting program: /usr/bin/cmake 
  [Thread debugging using libthread_db enabled]
  Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

  Program received signal SIGSEGV, Segmentation fault.
  0x0000000000000000 in ?? ()
  (gdb) bt
  #0  0x0000000000000000 in ?? ()
  #1  0x00007ffff7bd16d2 in time () from /usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1
  #2  0x00007ffff49c1f79 in RAND_poll () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
  #3  0x00007ffff49c0bd5 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
  #4  0x00007ffff49c1603 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
  #5  0x00007ffff4a37288 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
  #6  0x00007ffff4a37914 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
  #7  0x00007ffff49c1993 in RAND_init_fips () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
  #8  0x00007ffff4904f7a in OPENSSL_init_library () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
  #9  0x00007ffff7de74ea in call_init (l=<optimized out>, argc=argc@entry=1, argv=argv@entry=0x7fffffffec08, env=env@entry=0x7fffffffec18) at dl-init.c:72
  #10 0x00007ffff7de75fb in call_init (env=0x7fffffffec18, argv=0x7fffffffec08, argc=1, l=<optimized out>) at dl-init.c:30
  #11 _dl_init (main_map=0x7ffff7ffe168, argc=1, argv=0x7fffffffec08, env=0x7fffffffec18) at dl-init.c:120
  #12 0x00007ffff7dd7cfa in _dl_start_user () from /lib64/ld-linux-x86-64.so.2
  #13 0x0000000000000001 in ?? ()
  #14 0x00007fffffffee15 in ?? ()
  #15 0x0000000000000000 in ?? ()

  
  ubuntu release:
  $ lsb_release -a ; uname  -a 
  No LSB modules are available.
  Distributor ID:       Ubuntu
  Description:  Ubuntu 16.04.1 LTS
  Release:      16.04
  Codename:     xenial
  Linux gitian 4.2.0-42-generic #49-Ubuntu SMP Tue Jun 28 21:26:26 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

  
  openssl version:
  $ apt-cache policy openssl
  openssl:
    Installed: 1.0.2g-1ubuntu4.1
    Candidate: 1.0.2g-1ubuntu4.1
    Version table:
   *** 1.0.2g-1ubuntu4.1 500
          500 http://10.0.3.2:3142/security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
          500 http://10.0.3.2:3142/archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
          100 /var/lib/dpkg/status
       1.0.2g-1ubuntu4 500
          500 http://10.0.3.2:3142/archive.ubuntu.com/ubuntu xenial/main amd64 Packages
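
The guard described in the comment at the top of this message (the interposed time() initialises the shim itself when a library constructor reaches it before the shim's own init has run), as an added C example that is not code from libfaketime or openssl. All names and both clock constants are hypothetical, and a stub stands in for the libc time() that a preload library would look up, so the program runs without LD_PRELOAD.

```c
/* Added illustration; every name and constant here is hypothetical. */
#include <stddef.h>
#include <time.h>

#define STUB_REAL_NOW ((time_t)1471305600) /* constructed "real" clock value */
#define FAKE_OFFSET   ((time_t)950400)     /* constructed shift the shim applies */

static time_t (*real_time)(time_t *); /* NULL until shim_init() has run */
static int shim_initialized, shim_init_calls, early_saw_uninit;
static time_t early_result;

/* Stand-in for libc time(); a preload library would look up the real one
 * at run time instead (assumption: e.g. via dlsym(RTLD_NEXT, "time")). */
static time_t stub_real_time(time_t *out)
{
    if (out) *out = STUB_REAL_NOW;
    return STUB_REAL_NOW;
}

static void shim_init(void)
{
    if (shim_initialized) return;
    real_time = stub_real_time;
    shim_initialized = 1;
    shim_init_calls++;
}

/* Guarded wrapper: initialise on first use rather than trusting load order.
 * Without the check, the early call below would jump through a NULL pointer. */
time_t shim_time(time_t *out)
{
    if (!shim_initialized) { early_saw_uninit = 1; shim_init(); }
    time_t t = real_time(NULL) - FAKE_OFFSET;
    if (out) *out = t;
    return t;
}

/* Plays the part of another library's constructor that asks for the time. */
__attribute__((constructor(101))) static void early_consumer(void) { early_result = shim_time(NULL); }

/* The shim's own constructor, which the loader runs afterwards. */
__attribute__((constructor(102))) static void shim_ctor(void) { shim_init(); }

int early_call_preceded_init(void) { return early_saw_uninit; }
time_t early_call_result(void) { return early_result; }
int init_call_count(void) { return shim_init_calls; }

int main(void) { return (early_call_preceded_init() && init_call_count() == 1) ? 0 : 1; }
```

The constructor priorities 101 and 102 force the ordering seen in the backtrace, where the consumer's constructor runs first; removing the `shim_initialized` check in `shim_time()` reproduces the call through address 0.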
