Smartcard + pkcs11 = segmentation fault...

> Nikos Mavrogiannopoulos <nmav@...> wrote:
>
>> Could you try using valgrind or gdb to pinpoint the crash?
>
> Hm, looks like the proprietary library has some issues, but also does gnutls:
>
> (proprietary library warnings about uninitialised values skipped)
>
> Object 0:
>        URL: pkcs11:library-description=Cryptographic%20Token%20Interface;library-manufacturer=A.E.T.%20Europe%20B.V.;model=3384110107000000;manufacturer=A.E.T.%20Europe%20B.V.;serial=00113C3800009B09;token=Fraunhofer-Smartcard;object=Secude%20Token%20ID;object-type=data
>        Type: Data
>        Label: Secude Token ID
> ==19018== Invalid read of size 1
> ==19018==    at 0x4E653CF: _gnutls_bin2hex (gnutls_str.c:443)
> ==19018==    by 0x4E75D41: pkcs11_get_info (pkcs11.c:409)
> ==19018==    by 0x40424D: pkcs11_list (pkcs11.c:193)
> ==19018==    by 0x403750: main (p11tool.c:135)
> ==19018==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
> ==19018==
> ==19018==
> ==19018== Process terminating with default action of signal 11 (SIGSEGV)
> ==19018==  Access not within mapped region at address 0x0
> ==19018==    at 0x4E653CF: _gnutls_bin2hex (gnutls_str.c:443)
> ==19018==    by 0x4E75D41: pkcs11_get_info (pkcs11.c:409)
> ==19018==    by 0x40424D: pkcs11_list (pkcs11.c:193)
> ==19018==    by 0x403750: main (p11tool.c:135)
> ==19018==  If you believe this happened as a result of a stack
> ==19018==  overflow in your program's main thread (unlikely but
> ==19018==  possible), you can try to increase the size of the
> ==19018==  main thread stack using the --main-stacksize= flag.
> ==19018==  The main thread stack size used in this run was 8388608.
> ==19018==
> ==19018== HEAP SUMMARY:
> ==19018==     in use at exit: 551,735 bytes in 1,892 blocks
> ==19018==   total heap usage: 14,940 allocs, 13,048 frees, 8,311,394 bytes
> allocated
> ==19018==
> ==19018== LEAK SUMMARY:
> ==19018==    definitely lost: 4 bytes in 1 blocks
> ==19018==    indirectly lost: 0 bytes in 0 blocks
> ==19018==      possibly lost: 288 bytes in 1 blocks
> ==19018==    still reachable: 551,443 bytes in 1,890 blocks
> ==19018==         suppressed: 0 bytes in 0 blocks
> ==19018== Rerun with --leak-check=full to see details of leaked memory
> ==19018==
> ==19018== For counts of detected and suppressed errors, rerun with: -v
> ==19018== ERROR SUMMARY: 34 errors from 15 contexts (suppressed: 25 from 7)
> Killed
>
>> Could you also try whether that issue occurs in gnutls 3.0.14?
>
> Jepp, I just compiled gnutls-3.0.14 from sources. Same Problem here.
>
> BTW "p11tool --login --list-certs" seems to work.
>
> Regards
>
> Sven
>
> --
> Software patents are the software project equivalent of land mines: Each
> design decision carries a risk of stepping on a patent, which can destroy
> your project. (Richard M. Stallman)
> /me is giggls@ircnet, http://sven.gegg.us/ on the Web
>
> _______________________________________________
> Help-gnutls mailing list
> Help-gnutls@...
> https://lists.gnu.org/mailman/listinfo/help-gnutls

> To my understanding the token contains an object without an ID.
> Could you add below this code (after else if (version != NULL))
> http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=blob;f=lib/pkcs11.c;h=83fad64b893c0e79d26428a539a6f2ab3db13f02;hb=gnutls_2_12_x#l398
> the following:
> else
>  {
>    *output_size = 0;
>    if (output) output[0] = 0;
>    return 0;
>  }
>
> This would allow printing that object without crashing.