SIGSEGV in Crypto.AES.CCM
From LysLysKOM
25080935 igår 21:18 /27 rader/ Niels Möller (entering a radioactive zone)
Mottagare: Pike (-) developers forum <21270>
Mottagare: Niels Möller (entering a radioactive zone) <104958>
Mottaget: igår 21:18
Ärende: Bug in ccm glue?Hi, I've received a bug report (from someone at Opera) about a crash when using Crypto.AES.CCM. Example
int main() {
mixed state1 = Crypto.AES.CCM.State();
state1->set_encrypt_key(String.hex2string("bedcfb5a011ebc84600fcb296c15af0d"));
state1->set_iv(String.hex2string("438a547a94ea88dce46c6c85"));
state1->update(String.hex2string(""));
string ct = state1->crypt(String.hex2string(""));
state1->digest();
return 0;
}When I try it (with Pike v8.0, installed as a debian package on x86_64) it segfaults in nettle_memxor3. As far as I can tell from 5 minutes of printf debugging, crash is inside the call to ->digest().
The set_iv method looks a bit suspicious to me, it doesn't include the required arguments for the nettle function ccm_set_nonce (and ccm is generally a bit messier to setup than most other modes). See http://www.lysator.liu.se/~nisse/nettle/nettle.html#index-ccm_005fset_005fnonce
There may of course be some problem in the nettle library too, in particular, I would be happier if api misuse resulted in an assert failure rather than a segfault.
(25080935) /Niels Möller (entering a radioactive zone)/