Erlang/OTP / ERL-673

Segmentation fault in crypto module

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 20.0
    • Fix Version/s: 20.3.8.5, 21.0.5
    • Component/s: crypto
    • Labels:

      Description

      Using any term other than an integer or binary as the second argument of crypto:compute_key/4 (OtherPublicKey) crashes the Erlang VM.

      Steps to reproduce:

      Erlang/OTP 20 [erts-9.2] [source] [64-bit] [smp:4:4] [ds:4:4:10] [async-threads:10] [kernel-poll:false]
      
      Eshell V9.2  (abort with ^G)
      1> {Pub, Priv} = crypto:generate_key(ecdh, sect571r1).
      {<<4,2,235,95,224,176,123,92,220,161,19,218,150,90,105,73,
         130,110,248,235,161,13,140,173,162,48,86,47,...>>,
       <<1,149,117,187,93,141,95,67,206,212,247,93,164,200,38,
         130,168,242,220,159,232,171,113,97,107,112,168,...>>}
      2> crypto:compute_key(ecdh, foo, Priv, sect571r1).
      Segmentation fault (core dumped)
      

      The atom foo can be replaced by any arbitrary non-integer and non-binary term with the same result.

      A cursory inspection of the source (crypto.erl) indicates that adding an is_binary guard to ensure_int_as_bin/1 would be a quick fix for the problem. The core issue, however, is in the ecdh_compute_key_nif native function or one of the functions it calls.

            People

            Assignee:
            otp_team_ps Team PS
            Reporter:
            dansarie Marcus Dansarie

              Dates

              Created:
              Updated:
              Resolved:
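
A defensive wrapper for callers on affected releases that pass peer-supplied values to crypto:compute_key/4, added here as an example; it is not code from the issue or from OTP. The module name safe_ecdh, its error atoms, the restriction to named curves and uncompressed points, and the use of secp256r1 in demo/0 are assumptions.

```erlang
-module(safe_ecdh).
-export([compute_key/3, demo/0]).

%% Hypothetical wrapper (not OTP code). It type-checks every argument in
%% Erlang before the call can reach the NIF, so a malformed peer key yields
%% an error tuple instead of taking down the whole VM.
%%
%% Stricter than crypto:compute_key/4 on purpose (assumptions):
%%   * the peer key must be a binary holding an uncompressed point, i.e.
%%     the 0x04 marker followed by two equal-length coordinates, which is
%%     the form crypto:generate_key(ecdh, Curve) returns;
%%   * the curve must be a named curve (an atom), not explicit parameters.
-spec compute_key(term(), term(), term()) ->
          {ok, binary()} | {error, invalid_argument | {crypto, term()}}.
compute_key(<<4, XY/binary>> = PeerPub, MyPriv, Curve)
  when byte_size(XY) > 0, byte_size(XY) rem 2 =:= 0,
       is_binary(MyPriv), is_atom(Curve) ->
    %% On fixed releases a point that is well-typed but not on the curve
    %% raises an error exception; map that to a tuple as well.
    try crypto:compute_key(ecdh, PeerPub, MyPriv, Curve) of
        Secret when is_binary(Secret) -> {ok, Secret}
    catch
        error:Reason -> {error, {crypto, Reason}}
    end;
compute_key(_PeerPub, _MyPriv, _Curve) ->
    %% Atoms, lists, tuples, empty or oddly sized binaries stop here.
    {error, invalid_argument}.

%% Self-check with keys generated on the spot (constructed sample input).
%% secp256r1 is used because it is available in most OpenSSL builds.
demo() ->
    Curve = secp256r1,
    {PubA, PrivA} = crypto:generate_key(ecdh, Curve),
    {PubB, PrivB} = crypto:generate_key(ecdh, Curve),
    %% Both sides derive the same shared secret.
    {ok, Secret} = compute_key(PubB, PrivA, Curve),
    {ok, Secret} = compute_key(PubA, PrivB, Curve),
    %% The term from the report, and other non-binary or malformed keys,
    %% are rejected before any native code runs.
    {error, invalid_argument} = compute_key(foo, PrivA, Curve),
    {error, invalid_argument} = compute_key([1, 2, 3], PrivA, Curve),
    {error, invalid_argument} = compute_key(<<>>, PrivA, Curve),
    {error, invalid_argument} = compute_key(<<4, 1, 2, 3>>, PrivA, Curve),
    ok.
```

Compile with `c(safe_ecdh).` and run `safe_ecdh:demo().`, which returns `ok` when every match succeeds.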