Page MenuHome GnuPG

catenacyber (philippe antoine)
User

Projects

User does not belong to any projects.

User Details

User Since
Mar 14 2018, 4:15 PM (315 w, 1 d)
Availability
Available

Recent Activity

Jul 1 2021

catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Got a new bug with regression range ccfa9f2c1427b40483984198c3df41f8057f69f8:6dfab8cfb94ccb485a15b13df3c499cbb06fddf2

Jul 1 2021, 10:19 PM · libgcrypt, Bug Report

Jun 29 2021

catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.
curve=23 secp256r1
point=040000ffffffff0000000000000000000000000000000000000000000000000000cfe26d107a5134d6feb38ce3577075bdc7aa70ff7523d3b203c8a973f2d3dc8e
bignum=0000000000ff0000000400000000000000000000005d00003277002000010000
mbedtls: 0 04fd351b304ad50f36153d8193c4bbf7d4c3bee26e5af52a9c70133edfa62c273e05da8312615436e9c81b5b0624e68667233ace6307afc8056eae85049ca63226
gcrypt: 0 04d6915640b8ba3918f129c108f52f571ec28c1c89ad710b43928c3bd942eb29d8bf181e997b502abf12cf3606eb46379c59fd396bda7b45cdc75d429b2b37b15f
Jun 29 2021, 8:57 PM · libgcrypt, Bug Report
catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.
curve=24 secp384r1
point=0400000000000000000000000000000000000000000000000000000000000000000000000000fffffffffffffffffffffc1b0d6f8fb7f2de5b8875645b64042ae20f119f3e1cfefc0215857eeae5f4a8fca737057d69a42c44d958e7cfcc77ce6b
bignum=ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52972
mbedtls: 0 0400000000000000000000000000000000000000000000000000000000000000000000000000fffffffffffffffffffffce4f29070480d21a4778a9ba49bfbd51df0ee60c1e30103fdea7a81151a0b570258c8fa81965bd3bb26a7183133883194
gcrypt: 0 04fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0100000000000000fffffffbe4f29070480d21a4778a9ba49bfbd51df0ee60c1e30103fdea7a81151a0b570258c8fa81965bd3bb26a7183133883194
Jun 29 2021, 8:53 PM · libgcrypt, Bug Report

Jun 28 2021

catenacyber added a comment to T5510: libgcrypt: incorrect computation for secp192r1.

Is secp192r1 only curve that is giving wrong results?

Jun 28 2021, 8:40 PM · libgcrypt, Bug Report

Jun 27 2021

catenacyber created T5510: libgcrypt: incorrect computation for secp192r1.
Jun 27 2021, 10:15 PM · libgcrypt, Bug Report

Jun 27 2019

catenacyber added a comment to rG0ccb5ddef18f: po: Update Japanese Translation..

Great :-)

Jun 27 2019, 8:39 AM

Jun 26 2019

catenacyber added a comment to rG0ccb5ddef18f: po: Update Japanese Translation..

It looks like this commit breaks the build by me

Jun 26 2019, 3:15 PM
catenacyber created T4586: Broken build after commit 0ccb5ddef18f04b86855530838af4cbb9b8aa30b updating Japanese translation.
Jun 26 2019, 1:57 PM · Bug Report

May 15 2019

catenacyber accepted rG1cd2aca03b88: build: Update m4/iconv.m4..

Great :-)
This was a change (fixing file descriptor leaks in iconv.m4) that I needed to do for building fuzzing
https://github.com/google/oss-fuzz/blob/master/projects/gnupg/fuzzgnupg.diff#L178

May 15 2019, 5:40 PM

Apr 17 2019

catenacyber added a comment to T4461: Memory leak in read_block.

Fix is ok for oss-fuzz

Apr 17 2019, 4:38 PM · Bug Report

Apr 16 2019

catenacyber created T4461: Memory leak in read_block.
Apr 16 2019, 6:06 PM · Bug Report

Mar 19 2019

catenacyber added a comment to T4410: Memory leak in import recently introduced.

Running
valgrind --leak-check=full ./g10/gpg --import clusterfuzz-testcase-minimized-fuzz_import-5751600352591872.dms
gave me at commit f799e9728bcadb3d4148a47848c78c5647860ea4

==11882== 232 (16 direct, 216 indirect) bytes in 1 blocks are definitely lost in loss record 290 of 333
==11882==    at 0x1001C32C5: malloc (vg_replace_malloc.c:302)
==11882==    by 0x100B211B9: do_malloc (in /usr/local/Cellar/libgcrypt/1.8.3/lib/libgcrypt.20.dylib)
==11882==    by 0x100B214D5: _gcry_xmalloc (in /usr/local/Cellar/libgcrypt/1.8.3/lib/libgcrypt.20.dylib)
==11882==    by 0x100058A1D: read_block (import.c:929)
==11882==    by 0x10005B772: import (import.c:584)
==11882==    by 0x1000597FF: import_keys_internal (import.c:486)
==11882==    by 0x1000596FE: import_keys (import.c:526)
==11882==    by 0x10000727B: main (gpg.c:4675)
Mar 19 2019, 9:07 AM · Bug Report

Mar 18 2019

catenacyber added a comment to T4410: Memory leak in import recently introduced.

Ok, I will wait longer next time.
How do I make the file accessible ? (I can download it)

Mar 18 2019, 8:24 PM · Bug Report
catenacyber created T4410: Memory leak in import recently introduced.
Mar 18 2019, 11:56 AM · Bug Report

Mar 15 2019

catenacyber created T4407: Heap-use-after-free from commit 01c87d4c.
Mar 15 2019, 8:36 AM · Bug Report

Nov 28 2018

catenacyber added a comment to T4093: Undefined shift in parse_symkeyenc.

@gniibe there seems to be one remaining issue.
Even with iobuf_get_noeof, we have to cast to an unsigned integer before shifting 24 places to avoid undefined behavior :

diff --git a/common/iobuf.c b/common/iobuf.c
index 5eeba8fe6..1b9722d0a 100644
--- a/common/iobuf.c
+++ b/common/iobuf.c
@@ -878,7 +878,7 @@ block_filter (void *opaque, int control, iobuf_t chain, byte * buffer,
                    }
                  else if (c == 255)
                    {
-                     a->size = iobuf_get_noeof (chain) << 24;
+                     a->size = (size_t)iobuf_get_noeof (chain) << 24;
                      a->size |= iobuf_get_noeof (chain) << 16;
                      a->size |= iobuf_get_noeof (chain) << 8;
                      if ((c = iobuf_get (chain)) == -1)
``
Nov 28 2018, 9:27 PM · Bug Report

Sep 12 2018

catenacyber created T4140: Memory leak in get_session_key.
Sep 12 2018, 4:17 PM · Bug Report

Sep 10 2018

catenacyber added a comment to T4093: Undefined shift in parse_symkeyenc.

Asked in https://github.com/google/oss-fuzz/pull/1806

Sep 10 2018, 5:42 PM · Bug Report
catenacyber added a comment to T4093: Undefined shift in parse_symkeyenc.

ok @werner
Should I change it to another mail address (@gniibe if you are interested) or should I just use mine ?

Sep 10 2018, 8:27 AM · Bug Report

Aug 7 2018

catenacyber added a comment to T4093: Undefined shift in parse_symkeyenc.

There is the same bug and fix in function parse_key :

diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 0d28e7ac1..b147179e2 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -2533,7 +2533,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
                      err = gpg_error (GPG_ERR_INV_PACKET);
                      goto leave;
                    }
-                 ski->s2k.count = iobuf_get (inp);
+                 ski->s2k.count = iobuf_get_noeof (inp);
                  pktlen--;
                  if (list_mode)
                    es_fprintf (listfp, "\tprotect count: %lu (%lu)\n",
Aug 7 2018, 3:27 PM · Bug Report

Aug 6 2018

catenacyber created T4093: Undefined shift in parse_symkeyenc.
Aug 6 2018, 9:25 AM · Bug Report

Jun 30 2018

catenacyber created T4047: Memory leak in function buf_to_sig.
Jun 30 2018, 6:16 PM · Bug Report

May 3 2018

catenacyber added a comment to T3914: Integration with oss-fuzz.

Ok, so I guess that you can close this ticket.

May 3 2018, 10:34 AM · Feature Request

Apr 27 2018

catenacyber added a comment to T3914: Integration with oss-fuzz.

I now have all three fuzz targets stable now, and not finding more bugs besides the reported memory leaks
https://github.com/gpg/gnupg/compare/master...catenacyber:7651c60
What do you think of it ? Do you want to use it for continuous integration ?

Apr 27 2018, 5:39 PM · Feature Request

Apr 23 2018

catenacyber created T3930: Memory leak in read_block.
Apr 23 2018, 4:28 PM · gnupg (gpg22), Bug Report

Apr 19 2018

catenacyber added a comment to T3914: Integration with oss-fuzz.

Work is in progress, but you can already see :

Apr 19 2018, 9:29 AM · Feature Request

Apr 18 2018

catenacyber created T3916: Memory leak in read_block.
Apr 18 2018, 9:36 AM · gnupg, Bug Report
catenacyber added a comment to T3914: Integration with oss-fuzz.

You may want to check with Hanno Böck

Apr 18 2018, 9:22 AM · Feature Request

Apr 17 2018

catenacyber added a comment to T3914: Integration with oss-fuzz.

Sorry myself.
I will try to be clearer :

Apr 17 2018, 6:19 PM · Feature Request
catenacyber added a comment to T3913: left shift of negative value in iobuf.c.

Ok, thanks for the reply

Apr 17 2018, 5:48 PM · Bug Report
catenacyber created T3914: Integration with oss-fuzz.
Apr 17 2018, 1:35 PM · Feature Request
catenacyber added a comment to T3913: left shift of negative value in iobuf.c.

With this example, the problem happens at
a->size |= iobuf_get (chain) << 8;
iobuf_get (chain)returns -1 and -1 << 8 is not well defined.

Apr 17 2018, 11:37 AM · Bug Report
catenacyber created T3913: left shift of negative value in iobuf.c.
Apr 17 2018, 11:00 AM · Bug Report

Apr 14 2018

catenacyber added a comment to T3900: Memory leak in check_sig_and_print.

You are welcome :-) I did not know about that 39-Arigato

Apr 14 2018, 11:49 AM · gnupg (gpg22), Bug Report

Apr 13 2018

catenacyber created T3900: Memory leak in check_sig_and_print.
Apr 13 2018, 8:35 AM · gnupg (gpg22), Bug Report

Apr 12 2018

catenacyber added a comment to T3898: Memory leak in g10 handle_compressed.

Bug can be reproduced with gpg --verify leak-a702b3e5612e12163f056f41feb9e95a8b3836bb

Apr 12 2018, 9:15 PM · gnupg (gpg14), Bug Report
catenacyber created T3898: Memory leak in g10 handle_compressed.
Apr 12 2018, 9:13 PM · gnupg (gpg14), Bug Report