Bug #47
Displaying an SSL certificate makes the VM crash
| Status: | New | Start: | |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assigned to: | | % Done: | 0% |
| Category: | Virtual Machine | | |
| Target version: | 1.10 | | |
| Platform: | | Triage Stage: | Unreviewed |
| Resolution: | | | |
Description
Using the function to_string(X509) can crash the VM (at least on Windows), depending on the content of the certificate.
History
Updated by Alain Prouté over 3 years ago
This problem has been known since the beginning. Probably a bug in SSL. Cannot do much except encapsulate the SSL call into a 'sigsegv_protect' (macro defined in vm.h). Actually I see that it is already the case, so I don't understand what you mean by 'crash'.
Updated by Cédric RICARD over 3 years ago
I don't really know if SIGSEGV is trapped or not under Windows (I think not...), but I'm confident this is not a great manner to check if the certificate is well formed or not. I think we should completely avoid the use of such exceptions, which can have very big side effects.
Even more, the error can be masked because the exception doesn't occur (write into an allowed memory block, but not into the right struct... results are uncertain).
Updated by Alain Prouté over 3 years ago
The problem is that when we call a third party library function we cannot trust this library. This is why Apache for example encapsulates library calls (and plug-in calls) into a mechanism using setjmp and longjmp and trapping exceptions. I did the same with the macro 'sigsegv_protect'. If we want something better we need to replace the library function by a function of our own, either in C or in Anubis.
As far as the printing of X509 certificates is concerned, I think it reasonable to try to do it in Anubis. It should not be too complicated.
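The guard pattern discussed in the two comments above, as an added example (not the project's code and not the actual `sigsegv_protect` macro from vm.h): `guarded_call`, `struct record` and both parser functions are hypothetical, and a POSIX system is assumed. It shows the trap recovering from a faulting call, and reporting success for a call that overwrites the wrong field without raising any signal.

```c
#define _DEFAULT_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

static sigjmp_buf guard_env;   /* single-threaded demo: one global jump target */
static void on_segv(int sig) { (void)sig; siglongjmp(guard_env, 1); }

/* Hypothetical guard (not the vm.h macro): 0 if fn returned, -1 if it faulted. */
static int guarded_call(void (*fn)(void *), void *arg) {
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(guard_env, 1) != 0) {   /* re-entered from the handler */
        sigaction(SIGSEGV, &old, NULL);
        return -1;
    }
    fn(arg);
    sigaction(SIGSEGV, &old, NULL);
    return 0;
}

struct record { char subject[8]; int vm_state; };   /* constructed sample data */

/* Constructed parser A: writes through the pointer it is given. */
static void parse_store(void *arg) { *(volatile char *)arg = 'x'; }
/* Constructed parser B: stays in mapped memory but overwrites the wrong field. */
static void parse_wrong_field(void *arg) { ((struct record *)arg)->vm_state = -1; }

/* Returns -1: the store hits a PROT_NONE page, SIGSEGV is raised, the guard unwinds. */
static int demo_fault(void) {
    void *page = mmap(NULL, 4096, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -2;
    int rc = guarded_call(parse_store, page);
    munmap(page, 4096);
    return rc;
}

int main(void) {
    struct record r = { "CN=test", 7 };
    int rc = guarded_call(parse_wrong_field, &r);   /* no signal, so rc is 0 */
    printf("faulting parser: %d\n", demo_fault());
    printf("wrong-field parser: %d, vm_state now %d\n", rc, r.vm_state);
    return 0;
}
```

A return value of 0 from the guard therefore only means that no fault was delivered, not that the data the call touched is intact.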
Updated by Cédric RICARD about 3 years ago
- Target version changed from 1.9 to 1.10
- Platform deleted (Windows)
- 3 deleted (Not started)