Update themis_seccure_message.c (test pull request) #2
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Remove dummy line
ignatk
added a commit
that referenced
this pull request
May 18, 2015
Update themis_seccure_message.c (test pull request)
|
Changes Unknown when pulling 52f86cb on secumod:master into ** on cossacklabs:master**. |
ilammy
referenced
this pull request
in ilammy/themis
Jan 24, 2020
i <3 my tools when they work
divinity:themis ilammy$ ./tools/afl/analyze_crashes.sh
Run:
build/afl/scell_seal_decrypt_pw build/afl/output/scell_seal_decrypt_pw/2020-01-24_14-52-08/crashes/id:000000,sig:11,src:000000,op:flip32,pos:29
Debugger output:
```
(lldb) target create "build/afl/scell_seal_decrypt_pw"
Current executable set to 'build/afl/scell_seal_decrypt_pw' (x86_64).
(lldb) settings set -- target.run-args "build/afl/output/scell_seal_decrypt_pw/2020-01-24_14-52-08/crashes/id:000000,sig:11,src:000000,op:flip32,pos:29"
(lldb) run
scell_seal_decrypt_pw was compiled with optimization - stepping may behave oddly; variables may not be available.
Process 49300 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x20060003b)
frame #0: 0x0000000100003e3b scell_seal_decrypt_pw`themis_auth_sym_decrypt_message_with_passphrase_ [inlined] read_uint16LE(buffer=<unavailable>) at themis_portable_endian.h:50:5 [opt]
47 static inline uint16_t read_uint16LE(const uint8_t** buffer)
48 {
49 uint16_t value = 0;
-> 50 memmove(&value, *buffer, sizeof(value));
51 *buffer += sizeof(value);
52 return le16toh(value);
53 }
Target 0: (scell_seal_decrypt_pw) stopped.
Process 49300 launched: '/Users/ilammy/Documents/dev/themis/build/afl/scell_seal_decrypt_pw' (x86_64)
(lldb) thread backtrace
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x20060003b)
* frame #0: 0x0000000100003e3b scell_seal_decrypt_pw`themis_auth_sym_decrypt_message_with_passphrase_ [inlined] read_uint16LE(buffer=<unavailable>) at themis_portable_endian.h:50:5 [opt]
frame #1: 0x0000000100003e3b scell_seal_decrypt_pw`themis_auth_sym_decrypt_message_with_passphrase_ [inlined] themis_read_scell_pbkdf2_context(hdr=<unavailable>, ctx=<unavailable>) at secure_cell_seal_passphrase.h:260 [opt]
frame #2: 0x0000000100003e3b scell_seal_decrypt_pw`themis_auth_sym_decrypt_message_with_passphrase_(passphrase="secret", passphrase_length=6, user_context="of doom", user_context_length=7, auth_token=<unavailable>, auth_token_length=<unavailable>, encrypted_message="\xb6\x853\xb5ŀ\x89", encrypted_message_length=7, message="", message_length=0x00007ffeefbff748) at secure_cell_seal_passphrase.c:261 [opt]
frame #3: 0x0000000100002830 scell_seal_decrypt_pw`themis_secure_cell_decrypt_seal_with_passphrase(passphrase="secret", passphrase_length=6, user_context="of doom", user_context_length=<unavailable>, encrypted_message="", encrypted_message_length=<unavailable>, plain_message="", plain_message_length=0x00007ffeefbff748) at secure_cell.c:207:11 [opt]
frame cossacklabs#4: 0x0000000100000d48 scell_seal_decrypt_pw`main(argc=<unavailable>, argv=<unavailable>) at scell_seal_decrypt_pw.c:99:11 [opt]
frame cossacklabs#5: 0x00007fff7f3ab3d5 libdyld.dylib`start + 1
(lldb) disassemble --mixed --pc --count 8
scell_seal_decrypt_pw`themis_auth_sym_decrypt_message_with_passphrase_:
-> 0x100003e3b <+779>: movzwl 0x4(%rdx), %ecx
259 ctx->iteration_count = read_uint32LE(&buffer);
260 ctx->salt_length = read_uint16LE(&buffer);
** 261 need_length += ctx->salt_length;
0x100003e3f <+783>: leaq 0x6(%rcx), %rax
** 262 if (buffer_length < need_length) {
263 return THEMIS_FAIL;
264 }
0x100003e43 <+787>: cmpq %r8, %rax
0x100003e46 <+790>: ja 0x100003f96 ; <+1126> at secure_cell_seal_passphrase.c:298:5
0x100003e4c <+796>: nopl (%rax)
0x100003e50 <+800>: leaq -0x98(%rsp), %rsp
0x100003e58 <+808>: movq %rdx, (%rsp)
0x100003e5c <+812>: movq %rcx, 0x8(%rsp)
(lldb) register read
General Purpose Registers:
rax = 0x0000000200600027
rbx = 0x0000000100600034
rcx = 0x0000000101010000
rdx = 0x0000000200600037
rdi = 0x0000000100600000
rsi = 0x0000000000000006
rbp = 0x00007ffeefbff6b0
rsp = 0x00007ffeefbff640
r8 = 0x0000000000000016
r9 = 0x0000000041010100
r10 = 0x0000000000000007
r11 = 0x0000000100600010
r12 = 0x000000000000000b
r13 = 0x00000000fffffff3
r14 = 0x0000000000000020
r15 = 0x0000000000000010
rip = 0x0000000100003e3b scell_seal_decrypt_pw`themis_auth_sym_decrypt_message_with_passphrase_ + 779 [inlined] read_uint16LE at secure_cell_seal_passphrase.h:260
scell_seal_decrypt_pw`themis_auth_sym_decrypt_message_with_passphrase_ + 779 [inlined] themis_read_scell_pbkdf2_context at secure_cell_seal_passphrase.c:261
scell_seal_decrypt_pw`themis_auth_sym_decrypt_message_with_passphrase_ + 779 at secure_cell_seal_passphrase.c:261
rflags = 0x0000000000010202
cs = 0x000000000000002b
fs = 0x0000000000000000
gs = 0x0000000000000000
(lldb) kill
Process 49300 exited with status = 9 (0x00000009)
(lldb) quit
```
ilammy
referenced
this pull request
in ilammy/themis
Jan 24, 2020
divinity:themis ilammy$ ./tools/afl/analyze_crashes.sh
Run:
build/afl/scell_seal_decrypt_pw build/afl/output/scell_seal_decrypt_pw/2020-01-24_14-25-38/crashes/id:000000,sig:06,src:000000,op:flip1,pos:25
Debugger output:
```
(lldb) target create "build/afl/scell_seal_decrypt_pw"
Current executable set to 'build/afl/scell_seal_decrypt_pw' (x86_64).
(lldb) settings set -- target.run-args "build/afl/output/scell_seal_decrypt_pw/2020-01-24_14-25-38/crashes/id:000000,sig:06,src:000000,op:flip1,pos:25"
(lldb) run
Process 49900 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = signal SIGABRT
frame #0: 0x00007fff7f4e62c6 libsystem_kernel.dylib`__pthread_kill + 10
libsystem_kernel.dylib`__pthread_kill:
-> 0x7fff7f4e62c6 <+10>: jae 0x7fff7f4e62d0 ; <+20>
0x7fff7f4e62c8 <+12>: movq %rax, %rdi
0x7fff7f4e62cb <+15>: jmp 0x7fff7f4e0457 ; cerror_nocancel
0x7fff7f4e62d0 <+20>: retq
Target 0: (scell_seal_decrypt_pw) stopped.
Process 49900 launched: '/Users/ilammy/Documents/dev/themis/build/afl/scell_seal_decrypt_pw' (x86_64)
(lldb) thread backtrace
* thread #1, queue = 'com.apple.main-thread', stop reason = signal SIGABRT
* frame #0: 0x00007fff7f4e62c6 libsystem_kernel.dylib`__pthread_kill + 10
frame #1: 0x00007fff7f5a1bf1 libsystem_pthread.dylib`pthread_kill + 284
frame #2: 0x00007fff7f450745 libsystem_c.dylib`__abort + 144
frame #3: 0x00007fff7f450ff3 libsystem_c.dylib`__stack_chk_fail + 205
frame cossacklabs#4: 0x0000000100003fed scell_seal_decrypt_pw`themis_auth_sym_decrypt_message_with_passphrase_(passphrase=<unavailable>, passphrase_length=<unavailable>, user_context=<unavailable>, user_context_length=<unavailable>, auth_token=<unavailable>, auth_token_length=<unavailable>, encrypted_message="\x83~\"|\xa0\x86\xaf", encrypted_message_length=7, message="", message_length=0x00007ffeefbff748) at secure_cell_seal_passphrase.c:0:1 [opt]
frame cossacklabs#5: 0x0000000100002830 scell_seal_decrypt_pw`themis_secure_cell_decrypt_seal_with_passphrase(passphrase="secret", passphrase_length=6, user_context="of doom", user_context_length=<unavailable>, encrypted_message="\x80\x01\x01A\f", encrypted_message_length=<unavailable>, plain_message="", plain_message_length=0x00007ffeefbff748) at secure_cell.c:207:11 [opt]
frame cossacklabs#6: 0x0000000100000d48 scell_seal_decrypt_pw`main(argc=<unavailable>, argv=<unavailable>) at scell_seal_decrypt_pw.c:99:11 [opt]
frame cossacklabs#7: 0x00007fff7f3ab3d5 libdyld.dylib`start + 1
(lldb) disassemble --mixed --pc --count 8
libsystem_kernel.dylib`__pthread_kill:
-> 0x7fff7f4e62c6 <+10>: jae 0x7fff7f4e62d0 ; <+20>
0x7fff7f4e62c8 <+12>: movq %rax, %rdi
0x7fff7f4e62cb <+15>: jmp 0x7fff7f4e0457 ; cerror_nocancel
0x7fff7f4e62d0 <+20>: retq
libsystem_kernel.dylib`mach_vm_region:
0x7fff7f4e62d1 <+0>: pushq %rbp
0x7fff7f4e62d2 <+1>: movq %rsp, %rbp
0x7fff7f4e62d5 <+4>: pushq %r15
0x7fff7f4e62d7 <+6>: pushq %r14
(lldb) register read
General Purpose Registers:
rax = 0x0000000000000000
rbx = 0x00000001000bf5c0 dyld`_main_thread
rcx = 0x00007ffeefbff528
rdx = 0x0000000000000000
rdi = 0x0000000000000307
rsi = 0x0000000000000006
rbp = 0x00007ffeefbff560
rsp = 0x00007ffeefbff528
r8 = 0x0000000000000000
r9 = 0x0000000000000000
r10 = 0x0000000000000000
r11 = 0x0000000000000206
r12 = 0x0000000000000307
r13 = 0x000000000000000c
r14 = 0x0000000000000006
r15 = 0x000000000000002d
rip = 0x00007fff7f4e62c6 libsystem_kernel.dylib`__pthread_kill + 10
rflags = 0x0000000000000206
cs = 0x0000000000000007
fs = 0x0000000000000000
gs = 0x0000000000000000
(lldb) kill
Process 49900 exited with status = 9 (0x00000009)
(lldb) quit
```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Remove dummy line (test pull request)