[plt-scheme] Segfault in web server (due to missing library??)

From: Jay McCarthy (jay.mccarthy at gmail.com)
Date: Fri Oct 30 22:00:47 EDT 2009

This might be more compatible; can you try it?

(define HMAC-SHA1/raw
  (if libcrypto
      (get-ffi-obj 'HMAC libcrypto
                   (_fun [EVP_MD : _fpointer = (EVP_SHA1)]
                         [key : _bytes]
                         [key_len : _int = (bytes-length key)]
                         [data : _bytes]
                         [data_len : _int = (bytes-length data)]
                         [md : _pointer = #f]
                         [md_len : _uint = 0]
                         f->
                         _pointer))
      (lambda (key data) (error 'HMAC-SHA1/raw "libcrypto could not load"))))

On Fri, Oct 30, 2009 at 6:51 PM, David Storrs <david.storrs at gmail.com> wrote:
> Ok, we've got a bit more information.  Here's a test file (we have it saved
> as "test-hmac.c"):
>
> #include <openssl/hmac.h>
> #include <stdio.h>
>
> int main(int argc, char** argv) {
>   unsigned char foo[10] = "boo";
>   unsigned char* res = malloc(20);
>   printf("%s\n", SHA1(foo, 10, res));
>   free(res);
> }
>
> We built this on the Debian 5.0 system in question, using gcc -lcrypto
> test-hmac.c.  If we run it as-is, it works.  If we change:
>
>   printf("%s\n", SHA1(foo, 10, res));
> to
>   printf("%s\n", SHA1(foo, 10, 0));
>
> ...it segfaults.  Here is the code from web-server/stuffers/hmac-sha1.ss:
>
> (define HMAC-SHA1/raw
>   (if libcrypto
>       (get-ffi-obj 'HMAC libcrypto
>                    (_fun [EVP_MD : _fpointer = (EVP_SHA1)]
>                          [key : _bytes]
>                          [key_len : _int = (bytes-length key)]
>                          [data : _bytes]
>                          [data_len : _int = (bytes-length data)]
>                          [md : _int = 0]
>                          [md_len : _int = 0]     ;;  @@@@ Note the "0" here.
>                          f->
>                          _pointer))
>       (lambda (key data) (error 'HMAC-SHA1/raw "libcrypto could not
> load"))))
>
>
> The last argument to the SHA1() function is where to put the result.  When
> passed a NULL, it allocates its own return space.  We are guessing that, on
> the Debian box, NULL is defined to something other than 0, so when it
> receives a literal 0, it tries to write to 0x0 and segfaults.
>
> We're trying to track down where NULL is defined now.
>
> Dave
>



-- 
Jay McCarthy <jay at cs.byu.edu>
Assistant Professor / Brigham Young University
http://teammccarthy.org/jay

"The glory of God is Intelligence" - D&C 93


Posted on the users mailing list.