mtrojnar / osslsigncode

OpenSSL based Authenticode signing for PE/MSI/Java CAB files

v2.8 regression: SIGSEGV in BIO_free #386

Closed tim77 closed 2 months ago

tim77 commented 2 months ago

Description of problem:

SIGSEGV in BIO_free

Affected version: v2.8. v2.7 does not crash.

Steps to Reproduce:

Test with a copy of a recent kernel:

$ file vmlinuz-1.bin
vmlinuz-1.bin: Linux kernel x86 boot executable bzImage, version 6.8.7-200.fc39.x86_64 (mockbuild@45dd5688efad44f5b0bb641c76b5468d) #1 SMP PREEMPT_DYNAMIC Wed Apr 17 19:35:11 UTC 2024, RO-rootFS, swap_dev 0XE, Normal VGA
$ osslsigncode extract-signature -in vmlinuz-1.bin -out vmlinuz-1.sig
Current PE checksum   : 00000000
Calculated PE checksum: 00E34572
Warning: invalid PE checksum

Corrupted attribute certificate table
Attribute certificate table size  : 00000D48
Attribute certificate entry length: 00000762

Unable to extract existing signature
Segmentation fault (core dumped)

Actual results:

Program received signal SIGSEGV, Segmentation fault.

Downstream bug report

Additional info

Spec file: https://src.fedoraproject.org/rpms/osslsigncode/blob/rawhide/f/osslsigncode.spec
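An added example, not part of the original issue or of osslsigncode's code: a bounds-checked walk over a PE attribute certificate table, run on a constructed table that uses the two sizes printed in the report above. The function names and the second entry's length are assumptions; the report does not say what follows the first entry.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Read/write a little-endian 32-bit field. */
static uint32_t get32(const uint8_t *p) {
    return p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void put32(uint8_t *p, uint32_t v) {
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = (v >> 24) & 0xff;
}

/* Walk an attribute certificate table of `size` bytes. Each WIN_CERTIFICATE
 * entry starts with dwLength (4 bytes), wRevision (2), wCertificateType (2);
 * the next entry starts at the following 8-byte boundary.
 * Returns the entry count, or -1 if any entry does not fit in the table. */
int walk_cert_table(const uint8_t *tbl, size_t size) {
    size_t off = 0;
    int count = 0;
    while (off < size) {
        if (size - off < 8) return -1;               /* header truncated */
        uint32_t len = get32(tbl + off);
        if (len < 8 || len > size - off) return -1;  /* entry overruns table */
        count++;
        size_t step = ((size_t)len + 7) & ~(size_t)7;
        if (step >= size - off) break;               /* last entry, padding optional */
        off += step;
    }
    return count;
}

/* Constructed table using the two sizes printed in the report: 0xD48 bytes,
 * first dwLength 0x762. `second_len` is a made-up length for what follows. */
int demo(uint32_t second_len) {
    static uint8_t tbl[0xD48];
    for (size_t i = 0; i < sizeof tbl; i++) tbl[i] = 0;
    put32(tbl, 0x762);
    put32(tbl + 0x768, second_len);
    return walk_cert_table(tbl, sizeof tbl);
}

int main(void) {
    printf("second entry fills the rest: %d\n", demo(0xD48 - 0x768));
    printf("second entry overruns:       %d\n", demo(0x1000));
    printf("zero-length second entry:    %d\n", demo(0));
    return 0;
}
```

The `len < 8` check also keeps a zero `dwLength` from stalling the loop on the same offset.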

mtrojnar commented 2 months ago

Can you reproduce this issue against the current master branch? I think https://github.com/mtrojnar/osslsigncode/commit/0a0761746f670e34335826ea90b3fffe93e519fe should have fixed it.

tim77 commented 2 months ago

Thanks, https://github.com/mtrojnar/osslsigncode/commit/0a0761746f670e34335826ea90b3fffe93e519fe most likely fixed the SIGSEGV in BIO_free issue. osslsigncode from the master branch is currently in testing and looks like it still has some sort of regression. But this is safe to close, I suppose.