-
Notifications
You must be signed in to change notification settings - Fork 29.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Piping streams into SHA3 without end: false crashes #28245
Labels
confirmed-bug
Issues with confirmed bugs.
crypto
Issues and PRs related to the crypto subsystem.
openssl
Issues and PRs related to the OpenSSL dependency.
stream
Issues and PRs related to the stream subsystem.
Comments
tniessen
added
crypto
Issues and PRs related to the crypto subsystem.
openssl
Issues and PRs related to the OpenSSL dependency.
stream
Issues and PRs related to the stream subsystem.
confirmed-bug
Issues with confirmed bugs.
labels
Jun 15, 2019
Stack trace: Thread 1 "node" received signal SIGSEGV, Segmentation fault.
0x00000000016a11ad in SHA3_absorb ()
(gdb) bt
#0 0x00000000016a11ad in SHA3_absorb ()
#1 0x00000000015ae107 in sha3_final ()
#2 0x0000000001593d3f in EVP_DigestFinal_ex ()
#3 0x0000000000a87230 in node::crypto::Hash::HashDigest(v8::FunctionCallbackInfo<v8::Value> const&) ()
#4 0x0000000000b9cae6 in v8::internal::MaybeHandle<v8::internal::Object> v8::internal::(anonymous namespace)::HandleApiCallHelper<false>(v8::internal::Isolate*, v8::internal::Handle<v8::internal::HeapObject>, v8::internal::Handle<v8::internal::HeapObject>, v8::internal::Handle<v8::internal::FunctionTemplateInfo>, v8::internal::Handle<v8::internal::Object>, v8::internal::BuiltinArguments) ()
#5 0x0000000000b9e9f9 in v8::internal::Builtin_HandleApiCall(int, unsigned long*, v8::internal::Isolate*) ()
#6 0x0000000001a93942 in Builtins_CEntry_Return1_DontSaveFPRegs_ArgvOnStack_NoBuiltinExit () at ../../deps/v8/src/builtins/base.tq:1866
#7 0x00000000019fd584 in Builtins_InterpreterEntryTrampoline () at ../../deps/v8/src/builtins/base.tq:107 |
Valgrind info for the first example:
|
3 tasks
targos
pushed a commit
that referenced
this issue
Jul 2, 2019
When piping data into an SHA3 hash, EVP_DigestFinal_ex is called in hash._flush, bypassing safeguards in the JavaScript layer. Calling hash.digest causes EVP_DigestFinal_ex to be called again, resulting in a segmentation fault in the SHA3 implementation of OpenSSL. A relatively easy solution is to cache the result of calling EVP_DigestFinal_ex until the Hash object is garbage collected. PR-URL: #28251 Fixes: #28245 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
evanlucas
pushed a commit
to evanlucas/node
that referenced
this issue
Feb 4, 2021
When piping data into an SHA3 hash, EVP_DigestFinal_ex is called in hash._flush, bypassing safeguards in the JavaScript layer. Calling hash.digest causes EVP_DigestFinal_ex to be called again, resulting in a segmentation fault in the SHA3 implementation of OpenSSL. A relatively easy solution is to cache the result of calling EVP_DigestFinal_ex until the Hash object is garbage collected. PR-URL: nodejs#28251 Fixes: nodejs#28245 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
richardlau
pushed a commit
that referenced
this issue
Feb 5, 2021
When piping data into an SHA3 hash, EVP_DigestFinal_ex is called in hash._flush, bypassing safeguards in the JavaScript layer. Calling hash.digest causes EVP_DigestFinal_ex to be called again, resulting in a segmentation fault in the SHA3 implementation of OpenSSL. A relatively easy solution is to cache the result of calling EVP_DigestFinal_ex until the Hash object is garbage collected. PR-URL: #28251 Fixes: #28245 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> PR-URL: #37009 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Shelley Vohr <[email protected]>
richardlau
pushed a commit
that referenced
this issue
Feb 5, 2021
When piping data into an SHA3 hash, EVP_DigestFinal_ex is called in hash._flush, bypassing safeguards in the JavaScript layer. Calling hash.digest causes EVP_DigestFinal_ex to be called again, resulting in a segmentation fault in the SHA3 implementation of OpenSSL. A relatively easy solution is to cache the result of calling EVP_DigestFinal_ex until the Hash object is garbage collected. PR-URL: #28251 Fixes: #28245 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Backport-PR-URL: #37009 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Shelley Vohr <[email protected]>
richardlau
pushed a commit
that referenced
this issue
Feb 8, 2021
When piping data into an SHA3 hash, EVP_DigestFinal_ex is called in hash._flush, bypassing safeguards in the JavaScript layer. Calling hash.digest causes EVP_DigestFinal_ex to be called again, resulting in a segmentation fault in the SHA3 implementation of OpenSSL. A relatively easy solution is to cache the result of calling EVP_DigestFinal_ex until the Hash object is garbage collected. PR-URL: #28251 Fixes: #28245 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Backport-PR-URL: #37009 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Shelley Vohr <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
confirmed-bug
Issues with confirmed bugs.
crypto
Issues and PRs related to the crypto subsystem.
openssl
Issues and PRs related to the OpenSSL dependency.
stream
Issues and PRs related to the stream subsystem.
This code causes a segmentation fault in 12.4.0:
This seems to be caused by
pipe
callinghash._flush
whenend
is not set tofalse
. This code also causes a segmentation fault:This seems to be at least partially caused by the implementation of
_flush
:node/lib/internal/crypto/hash.js
Lines 54 to 57 in 908292c
It bypasses the
this[kState][kFinalized]
safeguard:node/lib/internal/crypto/hash.js
Lines 79 to 91 in 908292c
Note that this bug only happens when using SHA3,
sha256
seems to be working just fine, so there might also be some weirdness in OpenSSL.cc @mcollina @nodejs/crypto @nodejs/streams
The text was updated successfully, but these errors were encountered: