gnutls-cli crashes with segfault in mingw
Description of problem:
gnutls-cli command crashes with segmentation fault.
Version of gnutls used:
3.7.8
Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL):
- Windows 10 build 19045
- msys2/mingw-w64
- gcc version 12.2.0 targeting x86_64-w64-mingw32
- Build command can be found in this file https://github.com/msys2/MINGW-packages/blob/master/mingw-w64-gnutls/PKGBUILD
- With some patches from here https://github.com/msys2/MINGW-packages/tree/master/mingw-w64-gnutls
How reproducible:
Steps to Reproduce:
- Run this command after compiling
gnutls-cli -d 1 imap.gmail.com -p 993
Actual results:
gnutls-cli command crashes with segmentation fault.
- Here is the output:
$ ./ucrt64/bin/gnutls-cli -d 1 imap.gmail.com -p 993
|<1>| There was a non-CA certificate in the trusted list: CN=y.
|<1>| There was a non-CA certificate in the trusted list: OU=Copyright (c) 1997 Microsoft Corp.,OU=Microsoft Corporation,CN=Microsoft Root Authority.
|<1>| There was a non-CA certificate in the trusted list: C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority.
|<1>| There was a non-CA certificate in the trusted list: CN=DESKTOP-IEGKK8M.
|<1>| There was a non-CA certificate in the trusted list: CN=Root Agency.
Processed 37 CA certificate(s).
Resolving 'imap.gmail.com:993'...
Connecting to '172.217.194.109:993'...
Segmentation fault
- Here is the backtrace from gdb:
Thread 1 received signal SIGSEGV, Segmentation fault.
0x00007ff6eed016da in system_write (ptr=0x3, data=0x223b158940b, data_size=396) at ../../gnutls-3.7.8/src/common.h:128
128 return send(hd->fd, data, data_size, 0);
(gdb) bt
#0 0x00007ff6eed016da in system_write (ptr=0x3, data=0x223b158940b, data_size=396) at ../../gnutls-3.7.8/src/common.h:128
#1 0x00007ffeb4445c59 in _gnutls_writev_emu (session=0x223b15844b0, fd=0x3, giovec=0xbb28ffcc90, giovec_cnt=1, vec=0) at ../../gnutls-3.7.8/lib/buffers.c:450
#2 0x00007ffeb4445e4d in _gnutls_writev (session=0x223b15844b0, giovec=0xbb28ffcc90, giovec_cnt=1, total=396) at ../../gnutls-3.7.8/lib/buffers.c:506
#3 0x00007ffeb4446622 in _gnutls_io_write_flush (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/buffers.c:700
#4 0x00007ffeb4446db0 in _gnutls_handshake_io_write_flush (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/buffers.c:839
#5 0x00007ffeb444da0d in _gnutls_send_handshake2 (session=0x223b15844b0, bufel=0x223b1588210, type=GNUTLS_HANDSHAKE_CLIENT_HELLO, queue_only=0) at ../../gnutls-3.7.8/lib/handshake.c:1450
#6 0x00007ffeb444d4ed in _gnutls_send_handshake (session=0x223b15844b0, bufel=0x223b1588210, type=GNUTLS_HANDSHAKE_CLIENT_HELLO) at ../../gnutls-3.7.8/lib/handshake.c:1287
#7 0x00007ffeb4451026 in send_client_hello (session=0x223b15844b0, again=0) at ../../gnutls-3.7.8/lib/handshake.c:2357
#8 0x00007ffeb4452a05 in handshake_client (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/handshake.c:3052
#9 0x00007ffeb445248c in gnutls_handshake (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/handshake.c:2884
#10 0x00007ff6eed055bd in do_handshake (rpl_socket=0xbb28ffe700) at ../../gnutls-3.7.8/src/cli.c:1855
#11 0x00007ff6eed0c79c in socket_open2 (hd=0xbb28ffe700, hostname=0x223af8851b0 "imap.gmail.com", service=0x7ff6eed35080 <service> "993", app_proto=0x0, flags=64, msg=0x7ff6eed2893b "Connecting to", rdata=0x0, edata=0x0, server_trace=0x0, client_trace=0x0) at ../../gnutls-3.7.8/src/socket.c:602
#12 0x00007ff6eed04347 in main (argc=6, argv=0x223af8729f0) at ../../gnutls-3.7.8/src/cli.c:1371
Expected results:
After reverting the src/common.h hunk from this commit 20f993ac, the program is working as expected.
- Here is the correct output:
$ ./ucrt64/bin/gnutls-cli -d 1 imap.gmail.com -p 993
|<1>| There was a non-CA certificate in the trusted list: CN=y.
|<1>| There was a non-CA certificate in the trusted list: OU=Copyright (c) 1997 Microsoft Corp.,OU=Microsoft Corporation,CN=Microsoft Root Authority.
|<1>| There was a non-CA certificate in the trusted list: C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority.
|<1>| There was a non-CA certificate in the trusted list: CN=DESKTOP-IEGKK8M.
|<1>| There was a non-CA certificate in the trusted list: CN=Root Agency.
Processed 37 CA certificate(s).
Resolving 'imap.gmail.com:993'...
Connecting to '172.217.194.109:993'...
- Certificate type: X.509
- Got a certificate list of 3 certificates.
- Certificate[0] info:
...
...
goes on...
Previously reported here https://github.com/msys2/MINGW-packages/issues/14739