Hi All,
Recently we are trying to migrate our code to 64 bit gcc.
below code always returns NULL in PEM_read_X509(pCertFP,NULL,NULL,NULL);
Same code works fine in 32 bit compiler
openssl version
in 64 bit env : OpenSSL 1.1.1g FIPS 21 Apr 2020
in 32 bit env : OpenSSL 0.9.8x 10 May 2012
cout<<"strFileContent "<<strFileContent<<endl; prints
strFileContent -----BEGIN CERTIFICATE-----
MIIEBjCCAu6gAwIBAgIEf////zANBgkqhkiG9w0BAQQFADCBmTELMAkGA1UEBhMC
dXMxCzAJBgNVBAgTAkNBMRAwDgYDVQQKEwdUb3NoaWJhMREwDwYDVQQLEwhUQUJT
IERTRTEiMCAGA1UEAxMZaW50ZXJuYWwudGFicy50b3NoaWJhLmNvbTEjMCEGCSqG
SIb3DQEJARYUbWZwQHRhYnMudG9zaGliYS5jb20xDzANBgNVBAcTBklydmluZTAe
Fw0yMjExMjgxNDIxMDdaFw0yODAxMDYxNDIxMDdaMIGZMQswCQYDVQQGEwJ1czEL
MAkGA1UECBMCQ0ExEDAOBgNVBAoTB1Rvc2hpYmExETAPBgNVBAsTCFRBQlMgRFNF
MSIwIAYDVQQDExlpbnRlcm5hbC50YWJzLnRvc2hpYmEuY29tMSMwIQYJKoZIhvcN
AQkBFhRtZnBAdGFicy50b3NoaWJhLmNvbTEPMA0GA1UEBxMGSXJ2aW5lMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtorShk7VRp9tI5IH7szJeD2wUq3
oun6p36K2YpBwlzuy/zEC53fHVRSCGiWJku4tE5AKBM3t0ZijkkKTBwL3PlRDatL
pd+sJ6C6cSpwPYU0aNq1uVFqyT9GrDCBnR6bChD03QA8tg1Hi5v3m/UbP6rVG8wD
IAfKdnhZVIUgEGZlfVdigpeWmwxWzuafKnBjCL/kr/XoNGDyj83kWTkhUqazJXi/
yP3DhyNx6nt3u8rtnabKF1N4le+Xhb2IWNREwv84fRuN/5eZTLplYMVXb0oc2gds
U6dZcnRCA/zOeB/teP3WhJkty6uux4qhxDoh9CQm+qF1reEK3CqzlMIpcQIDAQAB
o1QwUjAkBgNVHREEHTAbghlpbnRlcm5hbC50YWJzLnRvc2hpYmEuY29tMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjALBgNVHQ8EBAMCAqQwDQYJKoZIhvcN
AQEEBQADggEBADVffN0OrnoU6GqZDODEJ+out+uYGGpLlPMvzHr0P0kP0HxpcH6O
/ZrGXlRa/WkPQMHg2Yt9iqL9/qbWhUiNS7O9v/Ugl9RVWLfCyLKVy79gyDZxzGHn
CacfLMxN5OzWKHxMbu/c+O8KnqKo/YndIY7T5edzzonZdZgl40Tio/g6Lg90DRi8
u7+8AB7PAz+IofHcVeVjvqsedLfbR5/X2eSaGLkCeS1+uBin3ULlG5unuxIrpmfC
BEoF8r81CcabWEB7BtxoVHZoL4yzbLx71nT8HL2wW4bddmMNNik/tpJ2zoNjbH9w
wpIrTF/YMgCu+x1goXng+VLF02krc1cxSdk=
-----END CERTIFICATE-----
FILE* pCertFP = NULL;
X509* pX509 = NULL;
try {
std::string strFileContent = CUtils::ReadFileContent(strPath);
cout<<"strFileContent "<<strFileContent<<endl;
if (strFileContent.find(PEM_CERTIFICATE_HEADER,0U)==strFileContent.npos) {
// No PEM header found, skip the reset
return -1;
}
pCertFP = reinterpret_cast<FILE*>(CUtils::OpenFile(strPath,"r"));
if (pCertFP==NULL)
throw CStatusException(FILE_OPEN_ERROR);
fseek(pCertFP, 0, SEEK_END);
int filesize = ftell(pCertFP);
cout<<"total file zise is "<<filesize<<endl;
fseek(pCertFP, 0, SEEK_SET); // seek back to beginning of file
cout<<"SEEK SET"<<ftell(pCertFP)<<endl;
int size = 0;
do
{
pX509 = PEM_read_X509(pCertFP,NULL,NULL,NULL);
if (pX509==NULL)
{
cout<<"PEM_read_X509 error"<<endl;
throw COpenSSLException(CRYPTO_CERTIFICATE_READ_ERROR);
}
Further since this API return error code crashes as below. in frame 10 below PEM_read_X509 is called which returns null and our opensslexception() class in invoked
#0 __GI___pthread_rwlock_rdlock (rwlock=0x0) at pthread_rwlock_rdlock.c:27
#1 0x00007ffff6b5be5d in CRYPTO_THREAD_read_lock (lock=<optimized out>) at crypto/threads_pthread.c:65
#2 0x00007ffff6ac4ed1 in int_err_get_item (d=d@entry=0x7fffffffaba0) at crypto/err/err.c:179
#3 0x00007ffff6ac53da in ERR_lib_error_string (e=<optimized out>) at crypto/err/err.c:647
#4 ERR_lib_error_string (e=<optimized out>) at crypto/err/err.c:636
#5 0x00007ffff6ac55bd in ERR_error_string_n (len=512, buf=0x7fffffffad10 “”, e=0) at crypto/err/err.c:595
#6 ERR_error_string_n (e=0, buf=0x7fffffffad10 “”, len=512) at crypto/err/err.c:585
#7 0x00007ffff7aae763 in ssdk::CCryptoTools::GetOpenSSLErrorMessage[abi:cxx11](unsigned long) (errorCode=0) at ccryptotools.cpp:211
#8 0x00007ffff7aae431 in ssdk::COpenSSLException::SetErrorCode (this=0x51d850, pszErrorMessage=0x0, errorCode=0) at ccryptotools.cpp:150
#9 0x00007ffff7aae090 in ssdk::COpenSSLException::COpenSSLException (this=0x51d850, statusCode=ssdk::CRYPTO_CERTIFICATE_READ_ERROR) at ccryptotools.cpp:106
#10 0x00007ffff7a4411a in ReadCertificateFromFile (strPath="/var/ssdk/certs/73eaaa0f.0", Python Exception <class ‘ValueError’> Cannot find type class std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, x509_st*, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const, x509_st*> > >::_Rep_type:
zrFingerPrintX509Map=std::map with 0 elements)
at ccertificatefunctions.cpp:3192
Any help on same will be deeply appreciated
- why the Read_pem_x509 returns null
- Even if its returns null, why furthur code crashes inside openssl/crypto
NOte: Code works fine in 32 bit , old openssl . Even if i hardcode and make read_pem_x509 to return null in 32 bit, code doesnt crashes
complete back trace
3188 pX509 = PEM_read_X509(pCertFP,NULL,NULL,NULL);
(gdb) s
PEM_read_X509 (fp=0x5b1be0, x=0x0, cb=0x0, u=0x0) at crypto/pem/pem_x509.c:18
18 IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
(gdb) s
PEM_ASN1_read (d2i=0x7ffff6b78490 <d2i_X509>, name=0x7ffff6bc71ab “CERTIFICATE”, fp=0x5b1be0, x=0x0, cb=0x0, u=0x0) at crypto/pem/pem_lib.c:108
108 {
(gdb) s
112 if ((b = BIO_new(BIO_s_file())) == NULL) {
(gdb) s
BIO_s_file () at crypto/bio/bss_file.c:106
106 {
(gdb) s
107 return &methods_filep;
(gdb) s
BIO_new (method=0x7ffff6c41880 <methods_filep>) at crypto/bio/bio_lib.c:72
72 {
(gdb) s
73 BIO *bio = OPENSSL_zalloc(sizeof(*bio));
(gdb) p sizeof(*bio)
$1 = 120
(gdb) p bio
$2 = <optimized out>
(gdb) s
CRYPTO_zalloc (num=num@entry=120, file=file@entry=0x7ffff6b93b59 “crypto/bio/bio_lib.c”, line=line@entry=73) at crypto/mem.c:229
229 {
(gdb) s
230 void *ret = CRYPTO_malloc(num, file, line);
(gdb) p num
$3 = 120
(gdb) p file
$4 = 0x7ffff6b93b59 “crypto/bio/bio_lib.c”
(gdb) p line
$5 = 73
(gdb) p ret
$6 = <optimized out>
(gdb) s
CRYPTO_malloc (num=120, file=0x7ffff6b93b59 “crypto/bio/bio_lib.c”, line=73) at crypto/mem.c:193
193 {
(gdb) s
197 if (malloc_impl != NULL && malloc_impl != CRYPTO_malloc)
(gdb) s
200 if (num == 0)
(gdb) s
192 void *CRYPTO_malloc(size_t num, const char *file, int line)
(gdb) p num
$7 = 120
(gdb) p file
$8 = 0x7ffff6b93b59 “crypto/bio/bio_lib.c”
(gdb) s
CRYPTO_malloc (file=0x7ffff6b93b59 “crypto/bio/bio_lib.c”, line=73, num=120) at crypto/mem.c:204
204 if (allow_customize) {
(gdb) s
222 ret = malloc(num);
(gdb) p ret
$9 = <optimized out>
(gdb) p num
$10 = 120
(gdb) s
0x00007ffff69e6b30 in malloc@plt () from /lib64/libcrypto.so.1.1
(gdb) s
Single stepping until exit from function malloc@plt,
which has no line number information.
__GI___libc_malloc (bytes=120) at malloc.c:3037
3037 {
(gdb) s
3042 = atomic_forced_read (__malloc_hook);
(gdb) s
3043 if (_builtin_expect (hook != NULL, 0))
(gdb) p hook
$11 = (void ()(size_t, const void *)) 0x0
(gdb) s
3048 checked_request2size (bytes, tbytes);
(gdb) p bytes
$12 = 120
(gdb) p tbytes
$13 = <optimized out>
(gdb) s
3049 size_t tc_idx = csize2tidx (tbytes);
(gdb) s
3051 MAYBE_INIT_TCACHE ();
(gdb) s
3054 if (tc_idx < mp.tcache_bins
(gdb) s
3058 return tcache_get (tc_idx);
(gdb) s
tcache_get (tc_idx=6) at malloc.c:3058
3058 return tcache_get (tc_idx);
(gdb) s
2951 tcache->entries[tc_idx] = e->next;
(gdb) s
2952 --(tcache->counts[tc_idx]);
(gdb) s
2953 e->key = NULL;
(gdb) s
__GI___libc_malloc (bytes=120) at malloc.c:2954
2954 return (void *) e;
(gdb) p e
$14 = " \001\002\003\004\005\004\005\006\a\b \b
\v\f\r\f\r\016\017\020\021\020\021\022\023\024\025\024\025\026\027\030\031\030\031\032\033\034\035\034\035\036\037 \001"
(gdb) s
CRYPTO_zalloc (num=num@entry=120, file=file@entry=0x7ffff6b93b59 “crypto/bio/bio_lib.c”, line=line@entry=73) at crypto/mem.c:233
233 if (ret != NULL)
(gdb) p ret
$15 = (void *) 0x5cef60
(gdb) s
234 memset(ret, 0, num);
(gdb) s
memset (__len=120, __ch=0, __dest=0x5cef60) at /usr/include/bits/string_fortified.h:71
71 return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest));
(gdb) s
PEM_read_X509 error
Error code inside COpenSSLException::COpenSSLException234
error from Err_peek_last_error0
Error code inside SetErrorCode0
error buff OPENSSL_ERROR_STRING_BUFFER_SIZE 512errorcode is :0
Program received signal SIGSEGV, Segmentation fault.
__GI___pthread_rwlock_rdlock (rwlock=0x0) at pthread_rwlock_rdlock.c:27
27 int result = __pthread_rwlock_rdlock_full (rwlock, NULL);
(gdb) bt
#0 __GI___pthread_rwlock_rdlock (rwlock=0x0) at pthread_rwlock_rdlock.c:27
#1 0x00007ffff6b5be5d in CRYPTO_THREAD_read_lock (lock=<optimized out>) at crypto/threads_pthread.c:65
#2 0x00007ffff6ac4ed1 in int_err_get_item (d=d@entry=0x7fffffffaba0) at crypto/err/err.c:179
#3 0x00007ffff6ac53da in ERR_lib_error_string (e=<optimized out>) at crypto/err/err.c:647
#4 ERR_lib_error_string (e=<optimized out>) at crypto/err/err.c:636
#5 0x00007ffff6ac55bd in ERR_error_string_n (len=512, buf=0x7fffffffad10 “”, e=0) at crypto/err/err.c:595
#6 ERR_error_string_n (e=0, buf=0x7fffffffad10 “”, len=512) at crypto/err/err.c:585
#7 0x00007ffff7aae763 in ssdk::CCryptoTools::GetOpenSSLErrorMessage[abi:cxx11](unsigned long) (errorCode=0) at ccryptotools.cpp:211
#8 0x00007ffff7aae431 in ssdk::COpenSSLException::SetErrorCode (this=0x51d850, pszErrorMessage=0x0, errorCode=0) at ccryptotools.cpp:150
#9 0x00007ffff7aae090 in ssdk::COpenSSLException::COpenSSLException (this=0x51d850, statusCode=ssdk::CRYPTO_CERTIFICATE_READ_ERROR) at ccryptotools.cpp:106
#10 0x00007ffff7a4411a in ReadCertificateFromFile (strPath="/var/ssdk/certs/73eaaa0f.0", Python Exception <class ‘ValueError’> Cannot find type class std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, x509_st*, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const, x509_st*> > >::_Rep_type:
zrFingerPrintX509Map=std::map with 0 elements)
at ccertificatefunctions.cpp:3192
Thank You in advance… Looking forward for solution
Vjai