On Wed, Oct 05, 2016 at 12:31:27PM +0100, Stuart Henderson wrote:
> There's a segfault when py-requests GETs an https resource (segv occurs
> after it calls verify_cb, it happens every time for every site I've tried).
> e.g.
> 
> $ printf "import requests\nr = requests.get('https://www.openbsd.org/')\n" | python2.7
> Segmentation fault (core dumped) 
> 
> Any ideas who is to blame or where to poke at next?
> 

I tested on two machines; it works fine, no segv.

Snapshot:

kern.version=OpenBSD 6.0-current (GENERIC.MP) #2529: Tue Oct  4 17:53:45 MDT 2016
    dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

Python 2.7.12 (default, Sep 26 2016, 15:57:20)
[GCC 4.2.1 20070719 ] on openbsd6


> $ python2.7
> Python 2.7.12 (default, Oct  3 2016, 09:11:44) 
> [GCC 4.2.1 20070719 ] on openbsd6
> Type "help", "copyright", "credits" or "license" for more information.
> >>> import requests
> >>> r = requests.get('https://dmtx.uk/')
> Segmentation fault (core dumped) 
> 
> $ gdb `which python2.7` python2.7.core     
> GNU gdb 6.3
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "amd64-unknown-openbsd6.0"...(no debugging symbols found)
> 
> Core was generated by `python2.7'.
> Program terminated with signal 11, Segmentation fault.
> Reading symbols from /usr/lib/libpthread.so.23.0...done.
> Loaded symbols for /usr/lib/libpthread.so.23.0
> Reading symbols from /usr/lib/libpthread.so.22.0...done.
> Loaded symbols for /usr/lib/libpthread.so.22.0
> Loaded symbols for /usr/local/bin/python2.7
> Reading symbols from /usr/local/lib/libpython2.7.so.0.0...done.
> Loaded symbols for /usr/local/lib/libpython2.7.so.0.0
> Symbols already loaded for /usr/lib/libpthread.so.23.0
> Reading symbols from /usr/lib/libutil.so.12.1...done.
> Loaded symbols for /usr/lib/libutil.so.12.1
> Reading symbols from /usr/lib/libstdc++.so.57.0...done.
> Loaded symbols for /usr/lib/libstdc++.so.57.0
> Reading symbols from /usr/lib/libm.so.10.0...done.
> Loaded symbols for /usr/lib/libm.so.10.0
> Reading symbols from /usr/lib/libc.so.89.2...done.
> Loaded symbols for /usr/lib/libc.so.89.2
> Reading symbols from /usr/libexec/ld.so...done.
> Loaded symbols for /usr/libexec/ld.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_locale.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_locale.so
> Reading symbols from /usr/local/lib/libintl.so.6.0...done.
> Loaded symbols for /usr/local/lib/libintl.so.6.0
> Reading symbols from /usr/local/lib/libiconv.so.6.0...done.
> Loaded symbols for /usr/local/lib/libiconv.so.6.0
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/readline.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/readline.so
> Reading symbols from /usr/lib/libreadline.so.4.0...done.
> Loaded symbols for /usr/lib/libreadline.so.4.0
> Reading symbols from /usr/lib/libncursesw.so.14.0...done.
> Loaded symbols for /usr/lib/libncursesw.so.14.0
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/time.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/time.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/cStringIO.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/cStringIO.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_collections.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_collections.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/operator.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/operator.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/itertools.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/itertools.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_heapq.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_heapq.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_socket.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_socket.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_functools.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_functools.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_ssl.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_ssl.so
> Reading symbols from /usr/lib/libssl.so.39.1...done.
> Loaded symbols for /usr/lib/libssl.so.39.1
> Reading symbols from /usr/lib/libcrypto.so.38.1...done.
> Loaded symbols for /usr/lib/libcrypto.so.38.1
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/strop.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/strop.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_struct.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_struct.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/binascii.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/binascii.so
> Reading symbols from /usr/lib/libz.so.5.0...done.
> Loaded symbols for /usr/lib/libz.so.5.0
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/datetime.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/datetime.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/array.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/array.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_io.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_io.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/math.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/math.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_hashlib.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_hashlib.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_random.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_random.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/fcntl.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/fcntl.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/select.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/select.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_ctypes.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_ctypes.so
> Reading symbols from /usr/local/lib/libffi.so.1.2...done.
> Loaded symbols for /usr/local/lib/libffi.so.1.2
> Reading symbols from /usr/local/lib/libuuid.so.14.0...done.
> Loaded symbols for /usr/local/lib/libuuid.so.14.0
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/zlib.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/zlib.so
> Reading symbols from /usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so...done.
> Loaded symbols for /usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so
> Reading symbols from /usr/local/lib/python2.7/site-packages/_cffi_backend.so...done.
> Loaded symbols for /usr/local/lib/python2.7/site-packages/_cffi_backend.so
> Symbols already loaded for /usr/lib/libpthread.so.22.0
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_json.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_json.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/_bisect.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_bisect.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/cPickle.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/cPickle.so
> Reading symbols from /usr/local/lib/python2.7/lib-dynload/unicodedata.so...done.
> Loaded symbols for /usr/local/lib/python2.7/lib-dynload/unicodedata.so
> #0  0x000015a8f5d58fc0 in ?? ()
> (gdb) bt
> #0  0x000015a8f5d58fc0 in ?? ()
> #1  0x000015a944d9c19c in internal_verify (ctx=0x7f7fffff2d00) at /usr/src/lib/libcrypto/x509/x509_vfy.c:1611
> #2  0x000015a944d9d859 in X509_verify_cert (ctx=0x7f7fffff2d00) at /usr/src/lib/libcrypto/x509/x509_vfy.c:374
> #3  0x000015a8d527b690 in ssl_verify_cert_chain (s=0x15a95bd59000, sk=Variable "sk" is not available.
> ) at /usr/src/lib/libssl/ssl_cert.c:448
> #4  0x000015a8d528edd0 in ssl3_get_server_certificate (s=0x15a95bd59000) at /usr/src/lib/libssl/s3_clnt.c:1015
> #5  0x000015a8d52901c1 in ssl3_connect (s=0x15a95bd59000) at /usr/src/lib/libssl/s3_clnt.c:297
> #6  0x000015a8d527f7de in ssl23_connect (s=0x15a95bd59000) at /usr/src/lib/libssl/s23_clnt.c:477
> #7  0x000015a87fd79e5c in _cffi_f_SSL_do_handshake () from /usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so
> #8  0x000015a8a0904868 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #9  0x000015a8a090462a in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #10 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #11 0x000015a8a0904567 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #12 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #13 0x000015a8a0904567 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #14 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #15 0x000015a8a0904567 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #16 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #17 0x000015a8a0904567 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #18 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #19 0x000015a8a0904567 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #20 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #21 0x000015a8a088df37 in function_call () from /usr/local/lib/libpython2.7.so.0.0
> #22 0x000015a8a0864008 in PyObject_Call () from /usr/local/lib/libpython2.7.so.0.0
> #23 0x000015a8a0900247 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #24 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #25 0x000015a8a088df37 in function_call () from /usr/local/lib/libpython2.7.so.0.0
> #26 0x000015a8a0864008 in PyObject_Call () from /usr/local/lib/libpython2.7.so.0.0
> #27 0x000015a8a0900247 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #28 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #29 0x000015a8a088df37 in function_call () from /usr/local/lib/libpython2.7.so.0.0
> #30 0x000015a8a0864008 in PyObject_Call () from /usr/local/lib/libpython2.7.so.0.0
> #31 0x000015a8a0900247 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #32 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #33 0x000015a8a088df37 in function_call () from /usr/local/lib/libpython2.7.so.0.0
> #34 0x000015a8a0864008 in PyObject_Call () from /usr/local/lib/libpython2.7.so.0.0
> #35 0x000015a8a0900247 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #36 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #37 0x000015a8a0904567 in PyEval_EvalFrameEx () from /usr/local/lib/libpython2.7.so.0.0
> #38 0x000015a8a090667d in PyEval_EvalCodeEx () from /usr/local/lib/libpython2.7.so.0.0
> #39 0x000015a8a0906772 in PyEval_EvalCode () from /usr/local/lib/libpython2.7.so.0.0
> #40 0x000015a8a0923902 in run_mod () from /usr/local/lib/libpython2.7.so.0.0
> #41 0x000015a8a09254eb in PyRun_InteractiveOneFlags () from /usr/local/lib/libpython2.7.so.0.0
> #42 0x000015a8a09256fe in PyRun_InteractiveLoopFlags () from /usr/local/lib/libpython2.7.so.0.0
> #43 0x000015a8a092582c in PyRun_AnyFileExFlags () from /usr/local/lib/libpython2.7.so.0.0
> #44 0x000015a8a093643c in Py_Main () from /usr/local/lib/libpython2.7.so.0.0
> #45 0x000015a675e00462 in _start () from /usr/local/bin/python2.7
> #46 0x0000000000000000 in ?? ()
> (gdb) frame 1
> #1  0x000015a944d9c19c in internal_verify (ctx=0x7f7fffff2d00) at /usr/src/lib/libcrypto/x509/x509_vfy.c:1611
> 1611                  ok = (*cb)(1, ctx);
> (gdb) list
> 1606                          goto end;
> 1607  
> 1608                  /* The last error (if any) is still in the error value */
> 1609                  ctx->current_issuer = xi;
> 1610                  ctx->current_cert = xs;
> 1611                  ok = (*cb)(1, ctx);
> 1612                  if (!ok)
> 1613                          goto end;
> 1614  
> 1615                  n--;
> (gdb) p *ctx
> $1 = {ctx = 0x15a8e3598700, current_method = 0, cert = 0x15a8ba55ff00,
>   untrusted = 0x15a8be37cee0, crls = 0x0, param = 0x15a913dac300,
>   other_ctx = 0x0, verify = 0x15a944d9c090 <internal_verify>,
>   verify_cb = 0x15a8f5d58fc0,
>   get_issuer = 0x15a944dd59b0 <X509_STORE_CTX_get1_issuer>,
>   check_issued = 0x15a944d9b990 <check_issued>,
>   check_revocation = 0x15a944d9cbe0 <check_revocation>,
>   get_crl = 0, check_crl = 0x15a944d9d970 <check_crl>,
>   cert_crl = 0x15a944d9b7c0 <cert_crl>,
>   check_policy = 0x15a944d9b660 <check_policy>,
>   lookup_certs = 0x15a944dd5e30 <X509_STORE_get1_certs>,
>   lookup_crls = 0x15a944dd5c30 <X509_STORE_get1_crls>,
>   cleanup = 0, valid = 0, last_untrusted = 2, chain = 0x15a90e0f90a0,
>   tree = 0x0, explicit_policy = 0, error_depth = 2, error = 0,
>   current_cert = 0x15a94b2ac400, current_issuer = 0x15a94b2ac400,
>   current_crl = 0x0, current_crl_score = 0, current_reasons = 0,
>   parent = 0x0, ex_data = {sk = 0x15a90c5969a0}}
> (gdb) list
> 1606                          goto end;
> 1607  
> 1608                  /* The last error (if any) is still in the error value */
> 1609                  ctx->current_issuer = xi;
> 1610                  ctx->current_cert = xs;
> 1611                  ok = (*cb)(1, ctx);
> 1612                  if (!ok)
> 1613                          goto end;
> 1614  
> 1615                  n--;
> (gdb) p *ctx->cert
> $2 = {cert_info = 0x15a8930ff000, sig_alg = 0x15a887c641a0,
>   signature = 0x15a9078c4880, valid = 0, references = 2,
>   name = 0x15a8b98ffa00 "/CN=dmtx.uk", ex_data = {sk = 0x0},
>   ex_pathlen = -1, ex_pcpathlen = 0, ex_flags = 263,
>   ex_kusage = 160, ex_xkusage = 3, ex_nscert = 0,
>   skid = 0x15a90c596fe0, akid = 0x15a8be37c080,
>   policy_cache = 0x0, crldp = 0x0,
>   altname = 0x15a8e0140a20, nc = 0x0,
>   sha1_hash = "])D\231Dëï·ö\017]óî{Ël!À)X", aux = 0x0}
> (gdb) p *ctx->verify
> $3 = {int (X509_STORE_CTX *)} 0x15a944d9c090 <internal_verify>
> (gdb) p *ctx->verify_cb
> $4 = {int (int, X509_STORE_CTX *)} 0x15a8f5d58fc0
> 

-- 
Alexandr Shadchin
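
The gdb session quoted above lists libpthread at two versions in the same process (libpthread.so.23.0 and libpthread.so.22.0). As an added example, not part of the original thread, this Python script scans gdb's "Loaded symbols for" lines and reports any shared library mapped from more than one versioned path; the sample log is a constructed excerpt of that output and `find_multi_version_libs` is a hypothetical name.

```python
import re
from collections import defaultdict

# Constructed excerpt of the gdb output quoted in the thread above.
SAMPLE_GDB_LOG = """\
> Reading symbols from /usr/lib/libpthread.so.23.0...done.
> Loaded symbols for /usr/lib/libpthread.so.23.0
> Reading symbols from /usr/lib/libpthread.so.22.0...done.
> Loaded symbols for /usr/lib/libpthread.so.22.0
> Loaded symbols for /usr/local/bin/python2.7
> Loaded symbols for /usr/lib/libc.so.89.2
> Loaded symbols for
> /usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so
> Loaded symbols for /usr/lib/libssl.so.39.1
> Symbols already loaded for /usr/lib/libpthread.so.22.0
"""

# OpenBSD shared libraries are named lib<name>.so.<major>.<minor>.
# \s+ also spans a line break, so paths wrapped by the mailer still match.
LIB_RE = re.compile(
    r"(?:Loaded symbols for|Symbols already loaded for)\s+"
    r"(\S*/lib([^/\s]+?)\.so\.(\d+)\.(\d+))"
)


def find_multi_version_libs(gdb_log):
    """Map library name -> sorted paths, for libraries loaded from >1 path."""
    # Drop e-mail quote markers ("> ") at the start of each line.
    text = re.sub(r"(?m)^(?:>[ \t]?)+", "", gdb_log)
    seen = defaultdict(set)
    for match in LIB_RE.finditer(text):
        path, name, major, minor = match.groups()
        seen[name].add(((int(major), int(minor)), path))
    return {
        name: [path for _, path in sorted(found)]
        for name, found in seen.items()
        if len(found) > 1
    }


if __name__ == "__main__":
    for name, paths in find_multi_version_libs(SAMPLE_GDB_LOG).items():
        print("lib%s loaded more than once: %s" % (name, ", ".join(paths)))
```
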
