[Bug 272835] kinit(8) segmentation fault with openssl-3.0 in CURRENT

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 31 Jul 2023 07:49:21 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272835

            Bug ID: 272835
           Summary: kinit(8) segmentation fault with openssl-3.0 in
                    CURRENT
           Product: Base System
           Version: CURRENT
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: Joerg.Pulz@frm2.tum.de

kinit(8) segfaults after my recent upgrade to CURRENT with OpenSSL-3.0 -
FreeBSD 14.0-CURRENT amd64 1400093 #0 main-n264294-09e5d91069d1

Looking at the core dump it happens here:

   frame #1: 0x000032ea670715c8 libkrb5.so.11`ARCFOUR_string_to_key(context=0x000051189c638000, enctype=KRB5_ENCTYPE_ARCFOUR_HMAC_MD5, password=<unavailable>, salt=krb5_salt @ 0x000032ea64595c30, opaque=<unavailable>, key=0x000051189c6b7fc0) at salt-arcfour.c:84:2

Looking at crypto/heimdal/lib/krb5/salt-arcfour.c it happens when calling
OpenSSL's EVP_DigestUpdate():

    /* LE encoding */
    for (i = 0; i < len; i++) {
        unsigned char p;
        p = (s[i] & 0xff);
->      EVP_DigestUpdate (m, &p, 1);
        p = (s[i] >> 8) & 0xff;
        EVP_DigestUpdate (m, &p, 1);
    }

Running from lldb(1) it seems that I end up in crypto/openssl/crypto/evp/digest.c
in EVP_DigestUpdate() at line 412:

    410     /* Code below to be removed when legacy support is dropped. */
    411  legacy:
    412     return ctx->update(ctx, data, count);

Here ctx->update() is causing the segmentation fault.

I'm not an OpenSSL expert and have no clue what ctx->update should be and where
it is coming from, so I'm at the end of the road here.

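The crash reported above is a call through `ctx->update` on a digest context; the report does not establish why that pointer is unusable. The following is an added example, not Heimdal or OpenSSL code and not part of the report: a self-contained C model that assumes the cause is a digest initialisation that failed without its result being checked, and runs the same LE-encoding loop with every step checked. `toy_ctx`, `toy_init`, `checked_update` and `feed_utf16le` are hypothetical names, and the sample input in the comments is constructed.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a digest context: update is set only by a successful init. */
struct toy_ctx {
    int (*update)(struct toy_ctx *, const void *, size_t);
    unsigned char buf[64];   /* bytes fed so far (stands in for digest state) */
    size_t used;
};

static int toy_update(struct toy_ctx *c, const void *data, size_t n)
{
    if (n > sizeof(c->buf) - c->used)
        return 0;                          /* refuse to overrun the state buffer */
    memcpy(c->buf + c->used, data, n);
    c->used += n;
    return 1;
}

/* Returns 1 on success, 0 if the algorithm is unavailable (update stays NULL). */
int toy_init(struct toy_ctx *c, int algorithm_available)
{
    memset(c, 0, sizeof(*c));
    if (!algorithm_available)
        return 0;
    c->update = toy_update;
    return 1;
}

/* Checked dispatch: never call through a NULL function pointer. */
int checked_update(struct toy_ctx *c, const void *data, size_t n)
{
    if (c == NULL || c->update == NULL)
        return 0;
    return c->update(c, data, n);
}

/* LE-encode 16-bit units into the digest; returns 0 on success, -1 on any failure. */
int feed_utf16le(struct toy_ctx *c, int init_ok, const unsigned short *s, size_t len)
{
    if (!init_ok)                          /* a failed init gates every later call */
        return -1;
    for (size_t i = 0; i < len; i++) {
        unsigned char p[2] = { s[i] & 0xff, (s[i] >> 8) & 0xff };
        if (!checked_update(c, p, 2))
            return -1;
    }
    return 0;
}
```

With the init result propagated, an unavailable digest becomes an error return to the caller instead of a NULL function-pointer call.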