Fernet.encrypt() crashes Python on OSX Mavericks

[return1]

$ python
Python 2.7.6 (default, Feb 26 2014, 17:21:39) 
[GCC 4.2.1 Compatible Apple LLVM 5.0 (clang-500.2.79)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from cryptography.fernet import Fernet
>>> key = Fernet.generate_key()
>>> f = Fernet(key)
>>> token = f.encrypt(b"my deep dark secret")
python(65581,0x7fff7d5f6310) malloc: *** error for object 0x7f8002512f68: incorrect checksum for freed object - object was probably modified after being freed.

the same error occurs with the system and the homebrew python2.7 on OSX Mavericks 10.9.2

[alex]

Are you able to consistently reproduce this? On Feb 26, 2014 8:57 AM, "Dominique Lederer" notifications@github.com wrote:

$ python Python 2.7.6 (default, Feb 26 2014, 17:21:39) [GCC 4.2.1 Compatible Apple LLVM 5.0 (clang-500.2.79)] on darwin Type "help", "copyright", "credits" or "license" for more information.

from cryptography.fernet import Fernet key = Fernet.generate_key() f = Fernet(key) token = f.encrypt(b"my deep dark secret") python(65581,0x7fff7d5f6310) malloc: *\ error for object 0x7f8002512f68: incorrect checksum for freed object - object was probably modified after being freed.

the same error occurs with the system and the homebrew python on OSX Mavericks 10.9.2

— Reply to this email directly or view it on GitHubhttps://github.com/pyca/cryptography/issues/692 .

[return1]

on my mac, yes. freshly brewed python with system openssl, yes. also running the cryptography testsuite crashes python in test_fernet.py

[dreid]

1. Which version of cryptography?
2. Which version of OpenSSL?
3. Were you able to reproduce with the system python?
4. Does the problem persist on cryptography master?

I've written the following script which should help narrow down some:

https://gist.github.com/dreid/f7183ef663afea65cf6d

If you could gist the output of python t.py and python -u -m trace -t t.py that would be much appreciated.

[return1]

turns out it is not consistently reproduceable, every now and then, the encryption works with no error.

ad 1) cryptgraphy 0.2.1 ad 2) OpenSSL 0.9.8y 5 Feb 2013 ad 3) yes ad 4) yes (0.3.dev1)

here is the gist: https://gist.github.com/return1/9238025

[public]

Has anyone else been able to reproduce this on OS X yet?

[reaperhulk]

I have not. I've tried on 0.2.1 and current master running @dreid's t.py with no luck in causing this error. :(

[public]

@return1 Could you try with the latest master? We haven't been able to reproduce this but we've made some changes in this area that could hypothetically effect this bug.

[return1]

tried it with latest master, unfortunately still the same crash:

$ python t.py 
OpenSSL Version:  OpenSSL 0.9.8y 5 Feb 2013
CommonCrypto:  gAAAAABTFfAg-RKf-Zv4dUKDdissnDRM4GgIhpeW2F6L5kkWNx0NREks9nzAXOwl_q-nVSZXVTEOE543qxJOPL_7KSeH6C4BuqjCYoZ5ZPvqG74QlS-19vs=
python(6112,0x7fff7c664310) malloc: *** error for object 0x7fbeb37a2e58: incorrect checksum for freed object - object was probably modified after being freed.
*** set a breakpoint in malloc_error_break to debug
OpenSSL: Abort trap: 6

[kix]

All OK:

$ python --version
Python 2.7.6
$ python t.py
OpenSSL Version:  OpenSSL 0.9.8y 5 Feb 2013
CommonCrypto:  gAAAAABTFhQdbNk_1Yok7H9UcgCDmtuIyUOwKCZBDgF44K_9SB3BU8qZ6hy2aFhBWuUqBl3YOn5oOS6XJXtnorrzlitHzxKMG8tG-fJ0ASBhAaXd4VjXHM0=
OpenSSL:  gAAAAABTFhQdzgYdgWnSpEvfSlqOcYP942aryiiikMu1NmG6tHjpN3UCXLlFKfXN4yzeJWh7JV6VjfazUUSXvIBPcCS30t-Slh-_QS9a_IQ5OYAOkvI2ClU=
Default:  gAAAAABTFhQdrE6ll9TzdaYm6KxJOk35DhHADFDkkZiv3lmIRWcc3kSHFu_mTUUZZP5zJ-ftYH8Gvy5o3erTVIvUHcy-EnWK9pByXc4QmsArXbgtL79eLnI=

[lgw4]

Can't reproduce. cryptography 0.2.2, homebrew Python 2.7.6, OpenSSL 0.9.8y 5 Feb 2013, OS X 10.9.2. Tried system Python. Can't reproduce either. Same as above, only system Python 2.7.5.

[radix]

https://gist.github.com/radix/9352152

[glyph]

Can't reproduce; cryptography cd10571261ad24dcd0dc63c9703289faccd841a8, OS X 10.9.2, system Python.

[trevorjb]

Unable to reproduce. Python 2.7.5, cryptography 0.2.2, OS X 10.9.1 $ python t.py OpenSSL Version: OpenSSL 0.9.8y 5 Feb 2013 CommonCrypto: gAAAAABTFhdpqGaxb5xsJrdajqvc5RNnHQS8mv4TwZkv-Rmwg75n4v5ICW-DQs7kebANCM8gmaX5ehFTDECWwOkuh-ICKSl8CRayAMgOp8ewD9agizLsAbQ= OpenSSL: gAAAAABTFhdpJMOFrpui6TKpBKmGxSY97xg97yTJGRoy05m_ftR6eeiyWoy-cbM-Z_NMPwKnFImkp59G-EVSO1gkpJaxO9cxj9Gx9OPuoskPAVY5mM9UKHc= Default: gAAAAABTFhdq8EuVZzjU6-iXFbFTRT6HAWMdAD1tZnWLJhyelJkqQybVQiBdNy7phnOn9c-ygJsdfMX28ALlPSGA3mXzIcbxxu5Vlbjlhq0fBa3TimQBN1M=

[glyph]

Aah, I am still learning to drive Git apparently. Let me try again with a version recent enough that t.py works:

OpenSSL Version:  OpenSSL 0.9.8y 5 Feb 2013
CommonCrypto:  gAAAAABTFhi2LGcm_oz5YO5IHCQTwN8MdGinCNPUdhIKO-b9e1jxudPhvGfb683cYj3kIQLASevqEll8DbS23WLvwhCCWPxTaZzU3-7F-zghs5aRt_oEopU=
OpenSSL:  gAAAAABTFhi2YmRSVWWYQEKR1cNUZ1GgK6LO-DMaKExpbm4emyxl1REN0BLNePc1WmGM57YnrDQJPpDUPg02jgnZfzp1GO2XpLrplzaAeXGupf14Eei8rSM=
Default:  gAAAAABTFhi29555kHfSZ_PvztfjOQwjXRfmxg1vMIzdcX5JXVOz50Eqq4liyq2Ja9lTH4h5ZN3ez7N5goDORhi9nFybK6aWthHVD2zmoYGF9gTHxraBEig=

[trenton42]

I have the same results as @trevorjb (i.e. no errors) with the only difference being that I am on OS X 10.9.2

[glyph]

I tried this:

from cryptography.fernet import Fernet
from itertools import count

for n in count():
    if n % 10000 == 0:
        print("%d iterations" % tuple([n]))
    key = Fernet.generate_key()
    f = Fernet(key)
    token = f.encrypt(b"my deep dark secret")

and got to 500000 iterations before getting bored.

[glyph]

So it sounds like @return1 is the only one able to reproduce thus far?

[grampajoe]

@return1 When you installed the package, which libffi did you use? I don't know whether there'd be an issue with that, I'm just trying to make more information available.

[rkulla]

I haven't been able to repro. Tried both the original repl test and 20 runs of t.py:

$ python t.py OpenSSL Version: OpenSSL 0.9.8y 5 Feb 2013 CommonCrypto: gAAAAABTFh3Tg3yDNgptRAJyIaauMDd6FtjayujsArWK03mo3To37biWdftQRXzATDwUwJzl2c5dpeMTS8MzLI77gwaqNCq6HsNmRWQXzc6nF_ZbpRZVOFs= OpenSSL: gAAAAABTFh3TyIQyAVSqj58f6XEm569X8E9-MjbIo7Z7upxm-4_SOECAvQbAAHk3hWNkEkbtcXLU48PYs3oFakAIWKHmWx-YClJ6OmA8yV2T3up_YSVACIs= Default: gAAAAABTFh3TIIjJzp-xqmTwG_CDwVVDpCbTplWSq7MXEW_85_APFTuwQPTpJws0p2S73I4mFiGP8PpBZDPrP6QRSRSzeDhgdl7v4LRJbcf702IDRgi9IYA=

Freshly brewed install of python 2.7.6 on OS X 10.9.2 and using a virtualenvwrapper. (For exactly how I brew installed python: http://rkulla.blogspot.com/2014/03/the-path-to-homebrew.html)

[dreid]

@return1 Do you have .crash file in ~/Library/Logs/DiagnosticReports that corresponds to one of your reproductions?

If so can you put it in a gist for me?

[wolever]

After 100 iterations of running python t.py, then a few minutes of looping within Python on the encrpytion, I can't reporduce.

• OpenSSL Version: OpenSSL 0.9.8r 8 Feb 2011
• Python 2.7.2
• cryptography 0.2.2
• OS X 10.8.4 (uname -a: Darwin hostname 12.4.0 Darwin Kernel Version 12.4.0)

[zookoatleastauthoritycom]

I've heard that valgrind works for Mac OS X nowadays. That tool has often been very helpful for me in identifying issues like "object was probably modified after being freed".

[return1]

@grampajoe i did not explicitly set any libffi version, i guess it uses the osx mavericks shipped version. i also tried to install cffi with the brewed version of libffi, but python still crashes.

@dreid here you are: https://gist.github.com/return1/9390069

[dreid]

@return1 I'm sorry, I don't know what's going on. There isn't anything terribly useful in that crash report and no one can reproduce your error. :\

Have you tried with the system python?

[return1]

@dreid yes i tried that too. i don't know how to provide you with more useful information :(

i also tried to reproduce on another OSX Mavericks system, but it works there.

[glyph]

@return1 I haven't managed to reproduce this on a half a dozen other macs so far, either. I am half-seriously considering that the problem may be bad RAM, a corrupt binary, or some kind of filesystem issue on the one system where you've seen a problem. It might be worth running Disk Utility to see if anything is really obviously wrong; it would be nice to know if it were.

[return1]

i checked my filesystem and my ram, everthing is o.k.

finally, after reinstalling OSX over my existing installation the crash is gone. sorry for the holdup.

[reaperhulk]

Glad you got it solved!