Topic: cyassl-2.4.0 ParseCert() is smashing stack (YASSL_API_TESTING)
Hi there,
As recommended, we're using the experimental API for decoding raw ASN1 certs, but have run into an issue in libcyassl-2.4.0 where the ParseCert function appears to be smashing the stack.
Please find the code snippet and gdb trace below. Is there a ParseCert() replacement on the roadmap?
Many thanks.
Joe
Code snippet
    #define XDEBUG(...) fprintf(stderr, ##__VA_ARGS__)
    XDEBUG("Bloxx: Going to parse cert\n");
    if (ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0) != 0)
    {
        XDEBUG("Bloxx: Failed to parse cert\n");
        XERROR("Bloxx: [%s] Unable to decode certificate "
               "(unable to parse ASN1 DER buffer)",
               __FUNCTION__);
    }
    else
    {
        XDEBUG("Bloxx: Parsed cert\n");
        XDEBUG("Bloxx: Serial Sz = %d\n", cert.serialSz);
    }
    #undef XDEBUG
Trace from gdb
Tue Jul 3 09:39:25 2012: Loaded CA cert
...
Tue Jul 3 09:39:25 2012: Bloxx: init
Tue Jul 3 09:39:25 2012: Bloxx: [db] Connecting...
Tue Jul 3 09:39:25 2012: intofiy read error, will continue
Tue Jul 3 09:39:25 2012: intofiy read error, will continue
Tue Jul 3 09:39:25 2012: intofiy read error, will continue
Tue Jul 3 09:39:25 2012: intofiy read error, will continue
Tue Jul 3 09:39:25 2012: Bloxx: [db] Connected
^C
Program received signal SIGINT, Interrupt.
0x00007ffff6e872d3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:82
82 ../sysdeps/unix/syscall-template.S: No such file or directory.
in ../sysdeps/unix/syscall-template.S
(gdb) break bloxx_sslbump
Breakpoint 1 at 0x40cc30: file src/bloxx.c, line 89.
(gdb) c
Continuing.
Tue Jul 3 09:39:38 2012: intofiy read error, will continue
Tue Jul 3 09:39:51 2012: Accepted a connection, sent to thread 0
Tue Jul 3 09:39:51 2012: Peer is from 172.21.127.11 port 56971
Tue Jul 3 09:39:51 2012: In ReadCb
Tue Jul 3 09:39:51 2012: Checking DownStream Headers
Tue Jul 3 09:39:51 2012: End of headers at 173
Tue Jul 3 09:39:51 2012: CONNECT 74.125.132.94:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1
Proxy-Connection: keep-alive
Host: 74.125.132.94
Tue Jul 3 09:39:51 2012: Trying to caputre proxy auth header if there
Tue Jul 3 09:39:51 2012: Search of evbuffer failed
Tue Jul 3 09:39:51 2012: No proxy auth header, ok
Tue Jul 3 09:39:51 2012: In FirstBumpInRequest
Tue Jul 3 09:39:51 2012: In GetRequestInfo
Tue Jul 3 09:39:51 2012:
request method = CONNECT
request uri = 74.125.132.94:443
request version = HTTP/1.1
request host = 74.125.132.94
request port = 443
Tue Jul 3 09:39:51 2012: In IsCertCached
Tue Jul 3 09:39:51 2012: Starting to get peer's cert
Tue Jul 3 09:39:51 2012: Check Headers continue
Tue Jul 3 09:39:51 2012: In EventCb
Tue Jul 3 09:39:51 2012: Connected to certStream nonblocking OK
Tue Jul 3 09:39:51 2012: Calling SSL_connect cert
Tue Jul 3 09:39:51 2012: Cyassl SendCb sent
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 5
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb doesn't have any data ready yet
Tue Jul 3 09:39:51 2012: SSL_connect cert continue non/blocking
Tue Jul 3 09:39:51 2012: In ReadCb
Tue Jul 3 09:39:51 2012: Calling SSL_connect cert
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 5
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 74
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 5
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 7482
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 4730
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb doesn't have any data ready yet
Tue Jul 3 09:39:51 2012: SSL_connect cert continue non/blocking
Tue Jul 3 09:39:51 2012: In ReadCb
Tue Jul 3 09:39:51 2012: Calling SSL_connect cert
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 4730
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 3470
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb doesn't have any data ready yet
Tue Jul 3 09:39:51 2012: SSL_connect cert continue non/blocking
Tue Jul 3 09:39:51 2012: In ReadCb
Tue Jul 3 09:39:51 2012: Calling SSL_connect cert
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 3470
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 2052
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb doesn't have any data ready yet
Tue Jul 3 09:39:51 2012: SSL_connect cert continue non/blocking
Tue Jul 3 09:39:51 2012: In ReadCb
Tue Jul 3 09:39:51 2012: Calling SSL_connect cert
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 2052
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 5
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul 3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 4
Tue Jul 3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul 3 09:39:51 2012: SSL_connect cert success
Tue Jul 3 09:39:51 2012: Peer's cert is 6777 bytes
Tue Jul 3 09:39:51 2012: Spoofed cert, now saving it
Tue Jul 3 09:39:51 2012: Caching spoofed cert
Tue Jul 3 09:39:51 2012: Scheduling downstream request
Tue Jul 3 09:39:51 2012: In ReadCb
Tue Jul 3 09:39:51 2012: Checking DownStream Headers
Tue Jul 3 09:39:51 2012: End of headers at 173
Tue Jul 3 09:39:51 2012: CONNECT 74.125.132.94:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1
Proxy-Connection: keep-alive
Host: 74.125.132.94
Tue Jul 3 09:39:51 2012: Trying to caputre proxy auth header if there
Tue Jul 3 09:39:51 2012: Search of evbuffer failed
Tue Jul 3 09:39:51 2012: No proxy auth header, ok
Tue Jul 3 09:39:51 2012: In FirstBumpInRequest
Tue Jul 3 09:39:51 2012: In GetRequestInfo
Tue Jul 3 09:39:51 2012:
request method = CONNECT
request uri = 74.125.132.94:443
request version = HTTP/1.1
request host = 74.125.132.94
request port = 443
Tue Jul 3 09:39:51 2012: In IsCertCached
Tue Jul 3 09:39:51 2012: We don't have bloxx answer yet, saving it
[Switching to Thread 0x7ffff3c04700 (LWP 22326)]
Breakpoint 1, bloxx_sslbump (req=0x7ffff3bf3ce0) at src/bloxx.c:89
89 {
(gdb) n
Tue Jul 3 09:39:53 2012: intofiy read error, will continue
Tue Jul 3 09:39:53 2012: intofiy read error, will continue
Tue Jul 3 09:39:53 2012: intofiy read error, will continue
Tue Jul 3 09:39:53 2012: intofiy read error, will continue
Tue Jul 3 09:39:53 2012: intofiy read error, will continue
90 assert(req);
(gdb)
Tue Jul 3 09:39:54 2012: intofiy read error, will continue
89 {
(gdb)
Tue Jul 3 09:39:54 2012: intofiy read error, will continue
90 assert(req);
(gdb)
Tue Jul 3 09:39:54 2012: intofiy read error, will continue
91 assert(req->src);
(gdb)
Tue Jul 3 09:39:54 2012: intofiy read error, will continue
Tue Jul 3 09:39:54 2012: intofiy read error, will continue
Tue Jul 3 09:39:54 2012: intofiy read error, will continue
92 assert(req->dst);
(gdb)
Tue Jul 3 09:39:55 2012: intofiy read error, will continue
Tue Jul 3 09:39:55 2012: intofiy read error, will continue
93 assert(req->cert.data);
(gdb)
Tue Jul 3 09:39:56 2012: intofiy read error, will continue
Tue Jul 3 09:39:56 2012: intofiy read error, will continue
94 assert(req->cert.len > 0);
(gdb)
Tue Jul 3 09:39:57 2012: intofiy read error, will continue
Tue Jul 3 09:39:57 2012: intofiy read error, will continue
102 XDEBUG("Bloxx: [%s] Got req->src = '%s'",
(gdb)
Tue Jul 3 09:39:58 2012: intofiy read error, will continue
Tue Jul 3 09:39:58 2012: intofiy read error, will continue
Tue Jul 3 09:39:58 2012: intofiy read error, will continue
Tue Jul 3 09:39:58 2012: intofiy read error, will continue
Tue Jul 3 09:39:58 2012: intofiy read error, will continue
Tue Jul 3 09:39:58 2012: Bloxx: [bloxx_sslbump] Got req->src = '172.21.127.11'
104 XDEBUG("Bloxx: [%s] Got req->dst = '%s'",
(gdb)
Tue Jul 3 09:39:59 2012: intofiy read error, will continue
Tue Jul 3 09:39:59 2012: intofiy read error, will continue
Tue Jul 3 09:39:59 2012: intofiy read error, will continue
Tue Jul 3 09:39:59 2012: intofiy read error, will continue
111 if (inet_pton(AF_INET, req->dst, &addr))
(gdb)
Tue Jul 3 09:40:00 2012: intofiy read error, will continue
104 XDEBUG("Bloxx: [%s] Got req->dst = '%s'",
(gdb)
Tue Jul 3 09:40:01 2012: intofiy read error, will continue
Tue Jul 3 09:40:01 2012: Bloxx: [bloxx_sslbump] Got req->dst = '74.125.132.94'
Tue Jul 3 09:40:01 2012: intofiy read error, will continue
111 if (inet_pton(AF_INET, req->dst, &addr))
(gdb)
Tue Jul 3 09:40:02 2012: intofiy read error, will continue
Tue Jul 3 09:40:02 2012: intofiy read error, will continue
Tue Jul 3 09:40:02 2012: intofiy read error, will continue
109 struct in_addr addr = { };
(gdb)
Tue Jul 3 09:40:02 2012: intofiy read error, will continue
111 if (inet_pton(AF_INET, req->dst, &addr))
(gdb)
Tue Jul 3 09:40:03 2012: intofiy read error, will continue
Tue Jul 3 09:40:03 2012: intofiy read error, will continue
Tue Jul 3 09:40:03 2012: intofiy read error, will continue
Tue Jul 3 09:40:03 2012: intofiy read error, will continue
113 XDEBUG("Bloxx: [%s] Detected IPv4 address (%s)",
(gdb)
Tue Jul 3 09:40:04 2012: intofiy read error, will continue
Tue Jul 3 09:40:04 2012: intofiy read error, will continue
Tue Jul 3 09:40:04 2012: intofiy read error, will continue
Tue Jul 3 09:40:04 2012: intofiy read error, will continue
Tue Jul 3 09:40:04 2012: intofiy read error, will continue
Tue Jul 3 09:40:04 2012: intofiy read error, will continue
Tue Jul 3 09:40:04 2012: Bloxx: [bloxx_sslbump] Detected IPv4 address (74.125.132.94)
115 XDEBUG("Bloxx: [%s] Checking for IPv4 tunnel rule",
(gdb)
Tue Jul 3 09:40:05 2012: intofiy read error, will continue
Tue Jul 3 09:40:05 2012: intofiy read error, will continue
Tue Jul 3 09:40:05 2012: intofiy read error, will continue
Tue Jul 3 09:40:05 2012: intofiy read error, will continue
Tue Jul 3 09:40:05 2012: intofiy read error, will continue
Tue Jul 3 09:40:05 2012: Bloxx: [bloxx_sslbump] Checking for IPv4 tunnel rule
118 pthread_rwlock_rdlock(&ip4Lock);
(gdb)
Tue Jul 3 09:40:05 2012: intofiy read error, will continue
Tue Jul 3 09:40:05 2012: intofiy read error, will continue
Tue Jul 3 09:40:05 2012: intofiy read error, will continue
120 if (LookupHashTable(&ip4Rules, (void *)&addr, NULL))
(gdb)
Tue Jul 3 09:40:06 2012: intofiy read error, will continue
Tue Jul 3 09:40:06 2012: intofiy read error, will continue
Tue Jul 3 09:40:06 2012: intofiy read error, will continue
Tue Jul 3 09:40:06 2012: intofiy read error, will continue
Tue Jul 3 09:40:06 2012: intofiy read error, will continue
128 pthread_rwlock_unlock(&ip4Lock);
(gdb)
Tue Jul 3 09:40:07 2012: intofiy read error, will continue
Tue Jul 3 09:40:07 2012: intofiy read error, will continue
Tue Jul 3 09:40:07 2012: intofiy read error, will continue
Tue Jul 3 09:40:07 2012: intofiy read error, will continue
148 if (bump)
(gdb)
Tue Jul 3 09:40:07 2012: intofiy read error, will continue
Tue Jul 3 09:40:07 2012: intofiy read error, will continue
151 if (IsDebugLevel())
(gdb)
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
153 XDEBUG("Bloxx: [%s] Checking for certificate tunnel rule",
(gdb)
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: Bloxx: [bloxx_sslbump] Checking for certificate tunnel rule
156 XDEBUG("Bloxx: [%s] Decoding certificate",
(gdb)
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: intofiy read error, will continue
Tue Jul 3 09:40:08 2012: Bloxx: [bloxx_sslbump] Decoding certificate
160 DecodedCert cert = { };
(gdb)
Tue Jul 3 09:40:09 2012: intofiy read error, will continue
Tue Jul 3 09:40:09 2012: intofiy read error, will continue
Tue Jul 3 09:40:09 2012: intofiy read error, will continue
161 InitDecodedCert(&cert,
(gdb) watch cert.subjectCN
Hardware watchpoint 2: cert.subjectCN
(gdb) n
Tue Jul 3 09:40:21 2012: intofiy read error, will continue
160 DecodedCert cert = { };
(gdb)
Tue Jul 3 09:40:23 2012: intofiy read error, will continue
Tue Jul 3 09:40:23 2012: intofiy read error, will continue
Tue Jul 3 09:40:23 2012: intofiy read error, will continue
161 InitDecodedCert(&cert,
(gdb)
Tue Jul 3 09:40:23 2012: intofiy read error, will continue
Tue Jul 3 09:40:23 2012: intofiy read error, will continue
Tue Jul 3 09:40:23 2012: intofiy read error, will continue
Tue Jul 3 09:40:23 2012: intofiy read error, will continue
Tue Jul 3 09:40:23 2012: intofiy read error, will continue
Hardware watchpoint 2: cert.subjectCN
Old value = 0x7ffff3bf3c40 ""
New value = 0x0
0x00007ffff7141120 in InitDecodedCert () from /usr/lib/libcyassl.so.3
(gdb)
Single stepping until exit from function InitDecodedCert,
which has no line number information.
Tue Jul 3 09:40:24 2012: intofiy read error, will continue
Tue Jul 3 09:40:24 2012: intofiy read error, will continue
Tue Jul 3 09:40:24 2012: intofiy read error, will continue
Tue Jul 3 09:40:24 2012: intofiy read error, will continue
Tue Jul 3 09:40:24 2012: intofiy read error, will continue
bloxx_sslbump (req=0x7ffff3bf3ce0) at src/bloxx.c:166
166 XDEBUG("Bloxx: Going to parse cert\n");
(gdb)
Tue Jul 3 09:40:25 2012: intofiy read error, will continue
Tue Jul 3 09:40:25 2012: intofiy read error, will continue
Tue Jul 3 09:40:25 2012: intofiy read error, will continue
Bloxx: Going to parse cert
167 if (ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0) != 0)
(gdb)
Tue Jul 3 09:40:26 2012: intofiy read error, will continue
Tue Jul 3 09:40:26 2012: intofiy read error, will continue
Hardware watchpoint 2: cert.subjectCN
Old value = 0x0
New value = 0x6603b0 "google.com0\201\237\060\r\006\t*\206H\206\367\r\001\001\001\005"
0x00007ffff71447d4 in ?? () from /usr/lib/libcyassl.so.3
(gdb)
Cannot find bounds of current function
(gdb)
joseph@redtrie.com
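
Added example (not part of the original post and not CyaSSL code): the bytes gdb prints after "google.com" in the last watchpoint (0x30 0x81 0x9f 0x30 0x0d 0x06 0x09 0x2a 0x86 0x48 0x86 0xf7 0x0d 0x01 0x01 0x01 0x05) are the DER header of a SubjectPublicKeyInfo carrying the rsaEncryption OID, which is what a pointer into the certificate buffer looks like when printed as a C string. Assuming cert.subjectCN is such a length-delimited pointer, the C below reads and copies a CN by length only; sample_der, find_cn and copy_cn are hypothetical names and the sample bytes are constructed.

```c
#include <stdio.h>
#include <string.h>
/* Constructed sample: tail of a DER Name with CN=google.com, followed by the
 * SubjectPublicKeyInfo bytes that gdb printed after "google.com". */
static const unsigned char sample_der[] = {
    0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03,  /* OID 2.5.4.3 */
    0x13, 0x0a, 'g', 'o', 'o', 'g', 'l', 'e', '.', 'c', 'o', 'm',
    0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
    0x0d, 0x01, 0x01, 0x01, 0x05, 0x00
};

/* Hypothetical helper: locate commonName by its OID (simplified DER walk).
 * *cn points INSIDE der with no NUL terminator; *cn_len is the only bound. */
static int find_cn(const unsigned char *der, size_t len,
                   const unsigned char **cn, size_t *cn_len)
{
    static const unsigned char oid_cn[] = { 0x06, 0x03, 0x55, 0x04, 0x03 };
    size_t i, vlen, voff;
    for (i = 0; i + sizeof oid_cn + 2 <= len; i++) {
        if (memcmp(der + i, oid_cn, sizeof oid_cn) != 0)
            continue;
        vlen = der[i + sizeof oid_cn + 1];    /* short-form length octet */
        voff = i + sizeof oid_cn + 2;         /* first byte of the value */
        if (vlen >= 0x80 || vlen > len - voff)
            return -1;                        /* long form or truncated */
        *cn = der + voff;
        *cn_len = vlen;
        return 0;
    }
    return -1;
}

/* Hypothetical helper: bounded copy that adds the missing terminator. */
static int copy_cn(char *out, size_t outsz, const unsigned char *cn, size_t n)
{
    if (n >= outsz)
        return -1;                            /* no room for value + NUL */
    memcpy(out, cn, n);
    out[n] = '\0';
    return 0;
}

int main(void)
{
    const unsigned char *cn;
    size_t n;
    if (find_cn(sample_der, sizeof sample_der, &cn, &n) == 0)
        printf("%.*s\n", (int)n, (const char *)cn);  /* print by length */
    return 0;
}
```

Treating the same pointer as a C string runs on into the key bytes until the first zero byte, which matches the watchpoint display.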