Shallot

Shallot copied to clipboard

./shallot ^test Segmentation fault (core dumped) .....

Оne of the four normal. Observed only on AWS.

uname -a Linux ip-172-31-19-207 3.2.0-54-virtual #82-Ubuntu SMP Tue Sep 10 20:31:18 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

free -g total used free shared buffers cached 29 0 28 0 0 0

That happens to me very often too.

Gentoo Linux desktop 3.17.1 #1 SMP Sat Oct 18 00:33:19 MSK 2014 x86_64 Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz GenuineIntel GNU/Linux

Core was generated by `./shallot -t 17 ^asdfgh'. Program terminated with signal 11, Segmentation fault. #0 sha1_block_data_order_avx () at sha1-x86_64.s:3395 3395 sha1-x86_64.s: No such file or directory. (gdb) bt #0 sha1_block_data_order_avx () at sha1-x86_64.s:3395 #1 0x5ef311e522033fcc in ?? () #2 0xc3e4152c111613eb in ?? () #3 0x7eaec7c3e98f2d89 in ?? () #4 0x2b3f17bcb2f99615 in ?? () #5 0x226fca36e6987e54 in ?? () #6 0x30411997fd666f51 in ?? () #7 0x66f812cd197e37b8 in ?? () #8 0xbaef2237c43667f5 in ?? () #9 0x00007fae9ecfc64f in state () from /usr/lib64/libcrypto.so.1.0.0 #10 0x00007fae98001290 in ?? () #11 0x0000000000000010 in ?? () #12 0x00007fae9e99be30 in SHA1_Update (c=0xaab72fae, data_=, len=) at ../md32_common.h:325 #13 0x00007fae9ea119cb in ssleay_rand_add (buf=buf@entry=0x7fae9ea9953d, num=num@entry=20, add=add@entry=0) at md_rand.c:275 #14 0x00007fae9ea11d75 in ssleay_rand_bytes (buf=0x7fae98001240 "", num=64, pseudo=0, lock=1) at md_rand.c:423 #15 0x00007fae9e9d473d in bnrand (pseudorand=pseudorand@entry=0, rnd=rnd@entry=0x7fae98000ee0, bits=bits@entry=512, top=top@entry=1, bottom=bottom@entry=1) at bn_rand.c:152 #16 0x00007fae9e9d4915 in bnrand (bottom=bottom@entry=1, top=top@entry=1, bits=bits@entry=512, rnd=rnd@entry=0x7fae98000ee0, pseudorand=0) at bn_rand.c:212 #17 BN_rand (rnd=rnd@entry=0x7fae98000ee0, bits=bits@entry=512, top=top@entry=1, bottom=bottom@entry=1) at bn_rand.c:213 #18 0x00007fae9e9d70d8 in probable_prime (rnd=rnd@entry=0x7fae98000ee0, bits=bits@entry=512) at bn_prime.c:384 #19 0x00007fae9e9d7bcc in BN_generate_prime_ex (ret=0x7fae98000ee0, bits=bits@entry=512, safe=safe@entry=0, add=add@entry=0x0, rem=rem@entry=0x0, cb=cb@entry=0x7fae9d96ac80) at bn_prime.c:177 #20 0x00007fae9e9f2e8c in rsa_builtin_keygen (cb=0x7fae9d96ac80, e_value=0x7fae98000b80, bits=1024, rsa=0x7fae980008c0) at rsa_gen.c:135 #21 RSA_generate_key_ex (rsa=rsa@entry=0x7fae980008c0, bits=bits@entry=1024, e_value=e_value@entry=0x7fae98000b40, cb=cb@entry=0x7fae9d96ac80) at rsa_gen.c:97 #22 0x00007fae9e9f6496 in RSA_generate_key (bits=bits@entry=1024, e_value=e_value@entry=3, callback=callback@entry=0x0, cb_arg=cb_arg@entry=0x0) at rsa_depr.c:92 #23 0x00000000004023e3 in easygen (num=num@entry=1024, len=len@entry=3 '\003', der=der@entry=0x7fae9d96ae90 "", edl=edl@entry=140 '\214', ctx=0x7fae9d96add0) at src/math.c:30 #24 0x0000000000402f04 in worker (params=) at src/thread.c:44 #25 0x00007fae9ef741da in start_thread (arg=0x7fae9d96b700) at pthread_create.c:309 #26 0x00007fae9e6748cd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111 (gdb)

Could that be the off by one error referenced here: https://github.com/katmagic/Shallot/pull/9 ?

The SHA1_CTX is located directly after the onion buffer, where mentioned bug lead to base32_onion writing a \0 after the onion buffer.