Open webermar opened 1 year ago
I have the same problem. A cursory inspection showed that from some places the seafile_decrypt_repo_enc_key function is called with the specified password as NULL. However, the strlen function is not null-safe. After moving one line, the problem disappeared, but I don't know how true this is. Encrypted and non-encrypted libraries work without crashes.
Module libcrypt.so.2 with build-id a8ca68e321a4a1d45d15cdd85e8a7a40b7d052ce
Stack trace of thread 7059:
#0 0x00007f09f915b87d __strlen_avx2 (libc.so.6 + 0x15b87d)
#1 0x00005630771556de seafile_decrypt_repo_enc_key (seaf-daemon + 0x1e6de)
#2 0x000056307716284d seaf_repo_fetch_and_checkout (seaf-daemon + 0x2b84d)
#3 0x000056307714ed6c http_download_thread (seaf-daemon + 0x17d6c)
#4 0x0000563077149cc9 job_thread_wrapper (seaf-daemon + 0x12cc9)
#5 0x00007f09f9538d02 g_thread_pool_thread_proxy.lto_priv.0 (libglib-2.0.so.0 + 0x81d02)
#6 0x00007f09f9536302 g_thread_proxy (libglib-2.0.so.0 + 0x7f302)
#7 0x00007f09f908cdcd start_thread (libc.so.6 + 0x8cdcd)
#8 0x00007f09f9112630 __clone3 (libc.so.6 + 0x112630)
diff -upr a/common/seafile-crypt.c b/common/seafile-crypt.c
--- a/common/seafile-crypt.c 2022-12-27 10:53:39.000000000 +0200
+++ b/common/seafile-crypt.c 2023-03-04 01:23:18.214962454 +0200
@@ -236,9 +236,8 @@ seafile_decrypt_repo_enc_key (int enc_ve
{
unsigned char key[32], iv[16];
- seafile_derive_key (passwd, strlen(passwd), enc_version, repo_salt, key, iv);
-
if (enc_version == 1) {
+ seafile_derive_key (passwd, strlen(passwd), enc_version, repo_salt, key, iv);
memcpy (key_out, key, 16);
memcpy (iv_out, iv, 16);
return 0;
This is a bug related to delete confirmation of files in encrypted libraries. It'll be fixed in 9.0.2.
System is a Intel i7-5600U with Fedora 36 and seafile-client v8.0.10 installed. (via official Repo aka dnf)
When trying to start the client, it crashes after opening/showing the Seafile-Client Window. Interaction with the gui isn't possible at any time.
The journal says it segfaults/crashes in strlen_avx2_rtm: abrt-notification[12317]: Process 220189 (seaf-daemon) crashed in strlen_avx2_rtm()
Journal after trying to start the client: [12270]: json_parse on "{\"type\":\"rpm\",\"name\":\"libxcrypt\",\"version\":\"4.4.33-4.fc36\",\"architecture\":\"x86_64\",\"osCpe\":\"cpe:/o:fedoraproject:fedora:36\"}\003" failed: Invalid argument systemd-coredump[12269]: [🡕] Process 12261 (seaf-daemon) of user 1000 dumped core.
The i7-5600U has official Support for AVX2: https://www.intel.de/content/www/de/de/products/sku/85215/intel-core-i75600u-processor-4m-cache-up-to-3-20-ghz/specifications.html
I don't have any idea, what the real problem could be. It worked fine before.