[strongSwan-dev] strongswan attestation imv crashing on ppc64

Avesh Agarwal avesh.ncsu at gmail.com
Wed Jan 21 22:32:52 CET 2015 

On Wed, Jan 21, 2015 at 12:56 PM, Avesh Agarwal <avesh.ncsu at gmail.com>
wrote:

> Hi,
>
> While testing attestation imv on ppc64, it generates following core dump:
>
> Core was generated by `/usr/libexec/strongswan/charon --use-syslog '.
> Program terminated with signal 6, Aborted.
> #0  0x00003fffaaf4fed0 in __GI_raise (sig=<optimized out>) at
> ../nptl/sysdeps/unix/sysv/linux/raise.c:56
> 56      return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);
> (gdb) bt
> #0  0x00003fffaaf4fed0 in __GI_raise (sig=<optimized out>) at
> ../nptl/sysdeps/unix/sysv/linux/raise.c:56
> #1  0x00003fffaaf51f14 in __GI_abort () at abort.c:90
> #2  0x0000000057902a50 in segv_handler (signal=<optimized out>) at
> charon.c:199
> #3  <signal handler called>
> #4  trusted_enumerate (this=0x3fff98003b60, cert=<optimized out>,
> auth=0x50) at credentials/credential_manager.c:872
> #5  0x00003fffa95d87a8 in imv_attestation_process (attr=<optimized out>,
> out_msg=<optimized out>, state=0x3fff5c001740,
> supported_algorithms=<optimized out>,
>     supported_dh_groups=<optimized out>, pts_db=<optimized out>,
> pts_credmgr=0x1002fcea670) at imv_attestation_process.c:201
> #6  0x00003fffa95d6400 in receive_msg (this=this at entry=0x1002fce6db0,
> state=0x3fff5c001740, in_msg=in_msg at entry=0x3fff98000d80) at
> imv_attestation_agent.c:291
> #7  0x00003fffa95d6900 in receive_message_long (this=0x1002fce6db0,
> id=<optimized out>, src_imc_id=2, dst_imv_id=2, msg_vid=21911,
> msg_subtype=1, msg=...)
>     at imv_attestation_agent.c:357
> #8  0x00003fffa95d30f8 in TNC_IMV_ReceiveMessageLong (imv_id=<optimized
> out>, connection_id=<optimized out>, msg_flags=<optimized out>,
> msg=<optimized out>, msg_len=<optimized out>,
>     msg_vid=<optimized out>, msg_subtype=<optimized out>,
> src_imc_id=<optimized out>, dst_imv_id=2) at
> ../../../../src/libimcv/imv/imv_if.h:106
> #9  0x00003fffa975500c in receive_message (this=0x1002fce1440,
> connection_id=1, excl=<optimized out>, msg=0x3fff980018c0 "\001",
> msg_len=846, msg_vid=21911, msg_subtype=1,
>     src_imc_id=2, dst_imv_id=2) at tnc_imv_manager.c:364
> #10 0x00003fffa96e6c38 in handle_ietf_message (msg=<optimized out>,
> this=<optimized out>) at tnccs_20.c:288
> #11 handle_message (msg=<optimized out>, this=<optimized out>) at
> tnccs_20.c:510
> #12 process (this=0x3fff640009d0, buf=<optimized out>, buflen=<optimized
> out>) at tnccs_20.c:620
> #13 0x00003fffa97e4354 in assess (this=0x3fff64000d30,
> this=0x3fff64000d30, tnccs=0x3fff640009d0) at pt_tls_server.c:433
> #14 handle (this=0x3fff64000d30) at pt_tls_server.c:489
> #15 0x00003fffa9842858 in pt_tls_receive_more (this=<optimized out>,
> fd=<optimized out>, event=<optimized out>) at tnc_pdp.c:627
> #16 0x00003fffab37f5d4 in notify_async (data=0x3fff8c000970) at
> processing/watcher.c:152
> #17 0x00003fffab37cdc4 in execute (this=<optimized out>) at
> processing/jobs/callback_job.c:77
> #18 0x00003fffab37e1e0 in process_job (worker=0x1002fcfc200,
> this=0x1002fca5670) at processing/processor.c:235
> #19 process_jobs (worker=0x1002fcfc200) at processing/processor.c:321
> #20 0x00003fffab393d14 in thread_main (this=0x1002fcfc830) at
> threading/thread.c:312
> #21 0x00003fffab13c26c in start_thread (arg=0x3fffa849f1d0) at
> pthread_create.c:310
> #22 0x00003fffab028080 in .__clone () at
> ../sysdeps/unix/sysv/linux/powerpc/powerpc64/clone.S:111
>
> This issue does not happen on x86_64.
>
> Thanks and Regards
> Avesh
>

Hi,

This issue happens because of unused and unallocated "auth_cfg_t **auth"
input parameter passed to function trusted_enumerate in
src/libstrongswan/credentials/credential_manager.c.

I have prepared a following patch to address this issue:

diff -urNp
strongswan-5.2.2/src/libstrongswan/credentials/credential_manager.c
strongswan-5.2.2-patched/src/libstrongswan/credentials/credential_manager.c
--- strongswan-5.2.2/src/libstrongswan/credentials/credential_manager.c
2014-08-30 07:00:32.000000000 -0400
+++
strongswan-5.2.2-patched/src/libstrongswan/credentials/credential_manager.c
2015-01-21 16:25:29.333956663 -0500
@@ -836,7 +836,7 @@ typedef struct {
 } trusted_enumerator_t;

 METHOD(enumerator_t, trusted_enumerate, bool,
-    trusted_enumerator_t *this, certificate_t **cert, auth_cfg_t **auth)
+    trusted_enumerator_t *this, certificate_t **cert)
 {
     certificate_t *current;

@@ -867,10 +867,6 @@ METHOD(enumerator_t, trusted_enumerate,
                     this->auth->add(this->auth, AUTH_RULE_SUBJECT_CERT,

this->pretrusted->get_ref(this->pretrusted));
                 }
-                if (auth)
-                {
-                    *auth = this->auth;
-                }
                 return TRUE;
             }
         }
@@ -896,10 +892,6 @@ METHOD(enumerator_t, trusted_enumerate,
                                this->online))
         {
             *cert = current;
-            if (auth)
-            {
-                *auth = this->auth;
-            }
             return TRUE;
         }
         this->failed->insert_last(this->failed, current->get_ref(current));

Would appreciate any feedback with this.

Thanks and Regards
Avesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150121/712b2815/attachment.html>

More information about the Dev mailing list