[botan-devel] SEGV in RNG after updating to 1.10.7

Jack Lloyd lloyd at randombit.net
Thu Feb 6 09:54:24 EST 2014


The /dev/random reader did change in 1.10.7. I've been unable to replicate
this crash but from the backtrace I do see a flow that would cause a crash
if read() on the device returns an error.

If you have any ability to repliacate this issue it would be great if
you could strace the process and find the exact error that is being
returned. Likely it is EAGAIN or similiar as we are using non-blocking
reads, so if select returns readable and then in the intervening time
some other process drains the /dev/random pool that would trigger this
bug.

This patch should fix the crash:

#
# old_revision [7f0a8fd7748331d87d6ec9ae013459e4c02c75e8]
#
# patch "src/entropy/dev_random/dev_random.cpp"
#  from [cb24a224755a8464707182e5c3fbd5a92f4c3c6b]
#    to [bf6aae02a86ec7a5f2ac82ca6493078e1d7fdb19]
#
============================================================
--- src/entropy/dev_random/dev_random.cpp       cb24a224755a8464707182e5c3fbd5a92f4c3c6b
+++ src/entropy/dev_random/dev_random.cpp       bf6aae02a86ec7a5f2ac82ca6493078e1d7fdb19
@@ -93,7 +93,9 @@ void Device_EntropySource::poll(Entropy_
       if(FD_ISSET(devices[i], &read_set))
          {
          const ssize_t got = ::read(devices[i], &io_buffer[0], io_buffer.size());
-         accum.add(&io_buffer[0], got, ENTROPY_BITS_PER_BYTE);
+
+         if(got > 0)
+            accum.add(&io_buffer[0], got, ENTROPY_BITS_PER_BYTE);
          }
       }
    }

On Mon, Feb 03, 2014 at 03:57:29PM -0800, William K. Foster wrote:
> Hello,
> 
> I recently updated from Botan v1.10.5 to v1.10.7 and I've seen a SEGV that
> is not easily reproducible in the RNG constructor:
> 
> #1  0x00000000005c794e in GlobalSignalTermHandler (sig=11) at Param.cpp:1422
> #2  <signal handler called>
> #3  0x00000000006e4bdc in Botan::(anonymous
> namespace)::SHA2_64::compress(Botan::MemoryRegion<unsigned long long>&,
> unsigned char const*, unsigned long) ()
> #4  0x00000000006dfd3f in Botan::MDx_HashFunction::add_data(unsigned char
> const*, unsigned long) ()
> #5  0x000000000080da34 in
> Botan::Device_EntropySource::poll(Botan::Entropy_Accumulator&) ()
> #6  0x00000000007d168e in Botan::HMAC_RNG::reseed(unsigned long) ()
> #7  0x00000000007d4c9e in Botan::ANSI_X931_RNG::reseed(unsigned long) ()
> #8  0x000000000077ade4 in
> Botan::Library_State::make_global_rng(Botan::Algorithm_Factory&,
> Botan::Mutex*) ()
> #9  0x00000000006eac6b in Botan::Library_State::global_rng() ()
> #10 0x00000000005cd2fb in Botan::AutoSeeded_RNG::AutoSeeded_RNG
> (this=0x7fff204511d0) at ../../src/Botan/build/include/botan/auto_rng.h:40
> 
> The calling code is doing a default constructor of an RNG:
> 
>     Botan::AutoSeeded_RNG rng;
> 
> This usually works, but on occasion I get a SEGV.
> 
> Could this be related to changes between v1.10.5 and v1.10.7?
> 
> Thanks.
> 
> -William

> _______________________________________________
> botan-devel mailing list
> botan-devel at randombit.net
> http://lists.randombit.net/mailman/listinfo/botan-devel



More information about the botan-devel mailing list