This queue is for tickets about the Digest-SHA CPAN distribution.

Report information
The Basics
Id: 82655
Status: resolved
Estimated: 1 hour (60 min)
Worked: 1 hour (60 min)
Priority: 0/
Queue: Digest-SHA

People
Owner: mshelor [...] cpan.org
Requestors: victor [...] vsespb.ru
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: 5.50
Fixed in: 5.81



Subject: Security issue - segfault
$ perl -v

This is perl, v5.10.1 (*) built for x86_64-linux-gnu-thread-multi

$ ls x
ls: cannot access x: No such file or directory

$ perl -MDigest::SHA -e 'print $Digest::SHA::VERSION; print "\n"'
5.50

$ perl -MDigest::SHA -e 'my $d = Digest::SHA->new(256); $d->load("x");'
*** glibc detected *** perl: double free or corruption (!prev): 0x00000000008693b0 ***
======= Backtrace: =========
/lib/libc.so.6(+0x78bb6)[0x7fb40942ebb6]
/lib/libc.so.6(cfree+0x73)[0x7fb409435483]
/usr/local/lib/perl/5.10.1/auto/Digest/SHA/SHA.so(shaclose+0x1e)[0x7fb408b6d67e]
/usr/local/lib/perl/5.10.1/auto/Digest/SHA/SHA.so(XS_Digest__SHA_shaclose+0x15e)[0x7fb408b6d7ee]
/usr/lib/libperl.so.5.10(Perl_pp_entersub+0x5a5)[0x7fb409e8b085]
/usr/lib/libperl.so.5.10(Perl_runops_standard+0x16)[0x7fb409e89376]
/usr/lib/libperl.so.5.10(Perl_call_sv+0x4df)[0x7fb409e308cf]
/usr/lib/libperl.so.5.10(Perl_sv_clear+0xb6)[0x7fb409e9d716]
/usr/lib/libperl.so.5.10(Perl_sv_free2+0x52)[0x7fb409e9df12]
/usr/lib/libperl.so.5.10(Perl_leave_scope+0xe45)[0x7fb409ebac35]
/usr/lib/libperl.so.5.10(Perl_pp_leave+0x105)[0x7fb409e8a995]
/usr/lib/libperl.so.5.10(Perl_runops_standard+0x16)[0x7fb409e89376]
/usr/lib/libperl.so.5.10(perl_run+0x33c)[0x7fb409e313cc]
perl(main+0xec)[0x400d7c]
/lib/libc.so.6(__libc_start_main+0xfd)[0x7fb4093d4c4d]
perl[0x400bc9]
======= Memory map: ========
Aborted
Note: also reported to perl5-security-report@perl.org. They might try to fix too. Not sure how you can coordinate with them.

On Sat Jan 12 18:52:35 2013, vsespb wrote:
> $ perl -v
>
> This is perl, v5.10.1 (*) built for x86_64-linux-gnu-thread-multi
>
> $ ls x
> ls: cannot access x: No such file or directory
>
> $ perl -MDigest::SHA -e 'print $Digest::SHA::VERSION; print "\n"'
> 5.50
>
> $ perl -MDigest::SHA -e 'my $d = Digest::SHA->new(256); $d->load("x");'
> *** glibc detected *** perl: double free or corruption (!prev): 0x00000000008693b0 ***
> ======= Backtrace: =========
> /lib/libc.so.6(+0x78bb6)[0x7fb40942ebb6]
> /lib/libc.so.6(cfree+0x73)[0x7fb409435483]
> /usr/local/lib/perl/5.10.1/auto/Digest/SHA/SHA.so(shaclose+0x1e)[0x7fb408b6d67e]
> /usr/local/lib/perl/5.10.1/auto/Digest/SHA/SHA.so(XS_Digest__SHA_shaclose+0x15e)[0x7fb408b6d7ee]
> /usr/lib/libperl.so.5.10(Perl_pp_entersub+0x5a5)[0x7fb409e8b085]
> /usr/lib/libperl.so.5.10(Perl_runops_standard+0x16)[0x7fb409e89376]
> /usr/lib/libperl.so.5.10(Perl_call_sv+0x4df)[0x7fb409e308cf]
> /usr/lib/libperl.so.5.10(Perl_sv_clear+0xb6)[0x7fb409e9d716]
> /usr/lib/libperl.so.5.10(Perl_sv_free2+0x52)[0x7fb409e9df12]
> /usr/lib/libperl.so.5.10(Perl_leave_scope+0xe45)[0x7fb409ebac35]
> /usr/lib/libperl.so.5.10(Perl_pp_leave+0x105)[0x7fb409e8a995]
> /usr/lib/libperl.so.5.10(Perl_runops_standard+0x16)[0x7fb409e89376]
> /usr/lib/libperl.so.5.10(perl_run+0x33c)[0x7fb409e313cc]
> perl(main+0xec)[0x400d7c]
> /lib/libc.so.6(__libc_start_main+0xfd)[0x7fb4093d4c4d]
> perl[0x400bc9]
> ======= Memory map: ========
> Aborted

On Sat Jan 12 11:46:16 2013, vsespb wrote:
> > $ ls x
> > ls: cannot access x: No such file or directory
> >
> > $ perl -MDigest::SHA -e 'my $d = Digest::SHA->new(256); $d->load("x");'
> > *** glibc detected *** perl: double free or corruption (!prev): 0x00000000008693b0 ***

The source of the double-free is the following line in "sub load":

    $$class = shaload($file) || return;

Replacing it with

    return unless $$class = shaload($file);

corrects the problem. The fix will be applied to the next version of Digest::SHA.
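
Why the one-line change in the reply above matters, as an added example that is not Digest::SHA's own code: `||` binds tighter than `=`, so when the open fails `return` runs before the assignment and the object keeps its old handle. `mock_open` and `mock_close` are hypothetical pure-Perl stand-ins for `shaload` and `shaclose`, and the example assumes `load` releases the object's current handle before reloading.

```perl
use strict;
use warnings;

# Constructed stand-ins for the native allocator: handles are integers and
# %live records which ones are currently allocated.
my (%live, @errors);
my $next_id = 1;

sub mock_open {                       # hypothetical; fails for any file but 'good'
    my ($file) = @_;
    return unless $file eq 'good';
    $live{$next_id} = 1;
    return $next_id++;
}

sub mock_close {                      # hypothetical; records a second release
    my ($h) = @_;
    push @errors, "double free of handle $h" unless delete $live{$h};
}

{
    package Buggy;
    sub new { my $h = main::mock_open('good'); return bless \$h, shift }
    sub load {
        my ($self, $file) = @_;
        main::mock_close($$self) if $$self;      # assumed: old state released first
        # On failure 'return' fires before '=', so $$self still holds the
        # handle that was just closed.
        $$self = main::mock_open($file) || return;
        return $self;
    }
    sub DESTROY { my $self = shift; main::mock_close($$self) if $$self }
}

{
    package Fixed;
    our @ISA = ('Buggy');                        # inherits new and DESTROY
    sub load {
        my ($self, $file) = @_;
        main::mock_close($$self) if $$self;
        # The assignment happens first, so a failed open stores undef.
        return unless $$self = main::mock_open($file);
        return $self;
    }
}

for my $class (qw(Buggy Fixed)) {
    @errors = ();
    { my $obj = $class->new; $obj->load('missing'); }   # DESTROY runs at block exit
    printf "%-5s %s\n", $class, @errors ? "@errors" : "no double free";
}
```

The second release happens in `DESTROY`, which matches the `Perl_sv_clear` and `Perl_call_sv` frames above `shaclose` in the reported backtrace.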