1 Topic by SteffenL (edited by SteffenL 2013-07-28 20:53:57)

  • Registered: 2013-07-18
  • Posts: 10

Topic: Crash when calling wolfSSL_CTX_load_verify_buffer() since v2.6.2

Hello,

Since wolfSSL embedded SSL v2.6.2, my program crashes in wolfSSL_CTX_load_verify_buffer(), which I use to load a CA cert. It's fine in v2.6.0.

I've also tested with the latest development code.

OS: Windows 8 x64
Compiler: VC++ 2012 (XP target)

Call stack:

     msvcr110d.dll!cmpDWORD(const void * lhs=0x030dccfc, const void * rhs=0x00000027) Line 104    C
     msvcr110d.dll!unaligned_memcmp(const unsigned char * bLHS=0x030dcd10, const unsigned char * bRHS=0x0000003b, unsigned int siz=20) Line 162    C
     msvcr110d.dll!memcmp(const void * lhs=0x030dccfc, const void * rhs=0x00000027, unsigned int siz=20) Line 269    C
>    sample_gui_app.exe!AlreadySigner(CYASSL_CERT_MANAGER * cm=0x00c197f8, unsigned char * hash=0x030dccfc) Line 1011    C
     sample_gui_app.exe!AddCA(CYASSL_CERT_MANAGER * cm=0x00c197f8, buffer der={...}, int type=1, int verify=0) Line 1114    C
     sample_gui_app.exe!ProcessBuffer(CYASSL_CTX * ctx=0x046ede90, const unsigned char * buff=0x0063d266, long sz=126326, int format=1, int type=4, CYASSL * ssl=0x00000000, long * used=0x030ddec0, int userChain=0) Line 1658    C
     sample_gui_app.exe!ProcessChainBuffer(CYASSL_CTX * ctx=0x046ede90, const unsigned char * buff=0x0063c930, long sz=128684, int format=1, int type=4, CYASSL * ssl=0x00000000) Line 1784    C
     sample_gui_app.exe!CyaSSL_CTX_load_verify_buffer(CYASSL_CTX * ctx=0x046ede90, const unsigned char * in=0x0063c930, long sz=128684, int format=1) Line 5041    C
     sample_gui_app.exe!aufw::web_api::sslContextCallback(void * ctx=0x046ede90) Line 43    C++

Here's some of my code, which has been working fine until v2.6.2 and later.

    // Load CA certificate from memory
    certificates::StartComCaCert cert;
    const unsigned char* certData = cert.GetData();
    CyaSSL_CTX_load_verify_buffer(
        reinterpret_cast<CYASSL_CTX*>(ctx),
        certData,
        cert.GetSize(),
        SSL_FILETYPE_PEM);

Update
Commit 98b7ed9: Last version that doesn't crash my program.
Commit 9dbf6a5: Crashes somewhere else.
Commit 05dd845: Crashes in AlreadySigner().

Call stack (commit 05dd845):

     msvcr110d.dll!cmpDWORD(const void * lhs=0x049bce70, const void * rhs=0x0000000f) Line 104    C
     msvcr110d.dll!unaligned_memcmp(const unsigned char * bLHS=0x049bce84, const unsigned char * bRHS=0x00000023, unsigned int siz=20) Line 162    C
     msvcr110d.dll!memcmp(const void * lhs=0x049bce70, const void * rhs=0x0000000f, unsigned int siz=20) Line 269    C
>    sample_gui_app.exe!AlreadySigner(CYASSL_CERT_MANAGER * cm=0x04acd768, unsigned char * hash=0x049bce70) Line 883    C
     sample_gui_app.exe!AddCA(CYASSL_CERT_MANAGER * cm=0x04acd768, buffer der={...}, int type=1, int verify=0) Line 942    C
     sample_gui_app.exe!ProcessBuffer(CYASSL_CTX * ctx=0x04acd938, const unsigned char * buff=0x00feb930, long sz=128684, int format=1, int type=4, CYASSL * ssl=0x00000000, long * used=0x049be290, int userChain=0) Line 1459    C
     sample_gui_app.exe!ProcessChainBuffer(CYASSL_CTX * ctx=0x04acd938, const unsigned char * buff=0x00feb930, long sz=128684, int format=1, int type=4, CYASSL * ssl=0x00000000) Line 1585    C
     sample_gui_app.exe!CyaSSL_CTX_load_verify_buffer(CYASSL_CTX * ctx=0x04acd938, const unsigned char * in=0x00feb930, long sz=128684, int format=1) Line 4008    C
     sample_gui_app.exe!aufw::web_api::sslContextCallback(void * ctx=0x04acd938) Line 43    C++

CA bundle used during testing, if needed:
http://www.startssl.com/certs/ca-bundle.pem

Thank you in advance!

Share

  • From: Bozeman, MT
  • Registered: 2010-10-20
  • Posts: 650

Re: Crash when calling wolfSSL_CTX_load_verify_buffer() since v2.6.2

Hi Steffen,

Thanks for attaching a link to the cert bundle you are using.  We'll look into this and get back to you.

- Chris

https://www.wolfssl.com

chrisc's Website

Share

  • Registered: 2013-07-18
  • Posts: 10

Re: Crash when calling wolfSSL_CTX_load_verify_buffer() since v2.6.2

Thank you, Chris!

Please let me know if there's anything I can do to help. smile

Share

  • From: Bozeman, MT
  • Registered: 2010-10-20
  • Posts: 650

Re: Crash when calling wolfSSL_CTX_load_verify_buffer() since v2.6.2

Hi Steffen,

I tested wolfSSL_CTX_load_verify_buffer() on my development machine (OS X) with the cert bundle you attached.  This seemed to work - the function returned SSL_SUCCESS.  Can you verify that the context pointer (ctx) you are passing to wolfSSL_CTX_load_verify_buffer() is valid?

Thanks,
Chris

https://www.wolfssl.com

chrisc's Website

Share

  • Registered: 2013-07-18
  • Posts: 10

Re: Crash when calling wolfSSL_CTX_load_verify_buffer() since v2.6.2

Chris, I hope you've not spent a lot of time on this.

I don't know the exact cause, but it seems like the issue is no more. Would love to blame it on a server issue I learned about later, because of the embarrassing possible truth. neutral

I was absolutely sure that I recompiled everything (wolfSSL and everything that uses wolfSSL) from scratch several times, so I was completely focused on wolfSSL, and blind to perhaps the most obvious thing. I still don't want to believe that I made such a stupid mistake, but it's a good chance that I did. neutral

Chris, sorry for making you work for nothing, and thank you for your efforts.

I'll look into it even more thoroughly and will hopefully not need to mention this again.

PS: Any chance this forum thread and especially my stupid messages can mysteriously go missing somehow? smile

Share

  • From: Bozeman, MT
  • Registered: 2010-10-20
  • Posts: 650

Re: Crash when calling wolfSSL_CTX_load_verify_buffer() since v2.6.2

Hey Steffen,

No problem, we're here to help our users.  I'm just glad to hear you got it working.  Feel free to reach out to us anytime.

Best Regards,
Chris

https://www.wolfssl.com

chrisc's Website

Share

  • Registered: 2013-07-18
  • Posts: 10

Re: Crash when calling wolfSSL_CTX_load_verify_buffer() since v2.6.2

Thanks, Chris! smile

Share