<div dir="ltr">On Wed, Jan 21, 2015 at 12:56 PM, Avesh Agarwal <span dir="ltr"><<a href="mailto:avesh.ncsu@gmail.com" target="_blank">avesh.ncsu@gmail.com</a>></span> wrote:<br><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div><div>Hi,<br><br></div>While testing attestation imv on ppc64, it generates following core dump:<br><br>Core was generated by `/usr/libexec/strongswan/charon --use-syslog '.<br>Program terminated with signal 6, Aborted.<br>#0  0x00003fffaaf4fed0 in __GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56<br>56      return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);<br>(gdb) bt<br>#0  0x00003fffaaf4fed0 in __GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56<br>#1  0x00003fffaaf51f14 in __GI_abort () at abort.c:90<br>#2  0x0000000057902a50 in segv_handler (signal=<optimized out>) at charon.c:199<br>#3  <signal handler called><br>#4  trusted_enumerate (this=0x3fff98003b60, cert=<optimized out>, auth=0x50) at credentials/credential_manager.c:872<br>#5  0x00003fffa95d87a8 in imv_attestation_process (attr=<optimized out>, out_msg=<optimized out>, state=0x3fff5c001740, supported_algorithms=<optimized out>, <br>    supported_dh_groups=<optimized out>, pts_db=<optimized out>, pts_credmgr=0x1002fcea670) at imv_attestation_process.c:201<br>#6  0x00003fffa95d6400 in receive_msg (this=this@entry=0x1002fce6db0, state=0x3fff5c001740, in_msg=in_msg@entry=0x3fff98000d80) at imv_attestation_agent.c:291<br>#7  0x00003fffa95d6900 in receive_message_long (this=0x1002fce6db0, id=<optimized out>, src_imc_id=2, dst_imv_id=2, msg_vid=21911, msg_subtype=1, msg=...)<br>    at imv_attestation_agent.c:357<br>#8  0x00003fffa95d30f8 in TNC_IMV_ReceiveMessageLong (imv_id=<optimized out>, connection_id=<optimized out>, msg_flags=<optimized out>, msg=<optimized out>, msg_len=<optimized out>, <br>    msg_vid=<optimized out>, msg_subtype=<optimized out>, src_imc_id=<optimized out>, dst_imv_id=2) at ../../../../src/libimcv/imv/imv_if.h:106<br>#9  0x00003fffa975500c in receive_message (this=0x1002fce1440, connection_id=1, excl=<optimized out>, msg=0x3fff980018c0 "\001", msg_len=846, msg_vid=21911, msg_subtype=1, <br>    src_imc_id=2, dst_imv_id=2) at tnc_imv_manager.c:364<br>#10 0x00003fffa96e6c38 in handle_ietf_message (msg=<optimized out>, this=<optimized out>) at tnccs_20.c:288<br>#11 handle_message (msg=<optimized out>, this=<optimized out>) at tnccs_20.c:510<br>#12 process (this=0x3fff640009d0, buf=<optimized out>, buflen=<optimized out>) at tnccs_20.c:620<br>#13 0x00003fffa97e4354 in assess (this=0x3fff64000d30, this=0x3fff64000d30, tnccs=0x3fff640009d0) at pt_tls_server.c:433<br>#14 handle (this=0x3fff64000d30) at pt_tls_server.c:489<br>#15 0x00003fffa9842858 in pt_tls_receive_more (this=<optimized out>, fd=<optimized out>, event=<optimized out>) at tnc_pdp.c:627<br>#16 0x00003fffab37f5d4 in notify_async (data=0x3fff8c000970) at processing/watcher.c:152<br>#17 0x00003fffab37cdc4 in execute (this=<optimized out>) at processing/jobs/callback_job.c:77<br>#18 0x00003fffab37e1e0 in process_job (worker=0x1002fcfc200, this=0x1002fca5670) at processing/processor.c:235<br>#19 process_jobs (worker=0x1002fcfc200) at processing/processor.c:321<br>#20 0x00003fffab393d14 in thread_main (this=0x1002fcfc830) at threading/thread.c:312<br>#21 0x00003fffab13c26c in start_thread (arg=0x3fffa849f1d0) at pthread_create.c:310<br>#22 0x00003fffab028080 in .__clone () at ../sysdeps/unix/sysv/linux/powerpc/powerpc64/clone.S:111<br><br></div>This issue does not happen on x86_64.<br><br></div>Thanks and Regards<span class=""><font color="#888888"><br>Avesh<br></font></span></div>
</blockquote></div><br>Hi,<br><div><br></div>This issue happens because of unused and unallocated "auth_cfg_t **auth" input parameter passed to function trusted_enumerate in src/libstrongswan/credentials/credential_manager.c. <br></div><div class="gmail_extra"><br>I have prepared a following patch to address this issue:<br><br>diff -urNp strongswan-5.2.2/src/libstrongswan/credentials/credential_manager.c strongswan-5.2.2-patched/src/libstrongswan/credentials/credential_manager.c<br>--- strongswan-5.2.2/src/libstrongswan/credentials/credential_manager.c    2014-08-30 07:00:32.000000000 -0400<br>+++ strongswan-5.2.2-patched/src/libstrongswan/credentials/credential_manager.c    2015-01-21 16:25:29.333956663 -0500<br>@@ -836,7 +836,7 @@ typedef struct {<br> } trusted_enumerator_t;<br> <br> METHOD(enumerator_t, trusted_enumerate, bool,<br>-    trusted_enumerator_t *this, certificate_t **cert, auth_cfg_t **auth)<br>+    trusted_enumerator_t *this, certificate_t **cert)<br> {<br>     certificate_t *current;<br> <br>@@ -867,10 +867,6 @@ METHOD(enumerator_t, trusted_enumerate,<br>                     this->auth->add(this->auth, AUTH_RULE_SUBJECT_CERT,<br>                                     this->pretrusted->get_ref(this->pretrusted));<br>                 }<br>-                if (auth)<br>-                {<br>-                    *auth = this->auth;<br>-                }<br>                 return TRUE;<br>             }<br>         }<br>@@ -896,10 +892,6 @@ METHOD(enumerator_t, trusted_enumerate,<br>                                this->online))<br>         {<br>             *cert = current;<br>-            if (auth)<br>-            {<br>-                *auth = this->auth;<br>-            }<br>             return TRUE;<br>         }<br>         this->failed->insert_last(this->failed, current->get_ref(current));<br><br></div><div class="gmail_extra">Would appreciate any feedback with this. <br></div><div class="gmail_extra"><br></div><div class="gmail_extra">Thanks and Regards<br>Avesh<br></div></div>