v2.8 regression: SIGSEGV in BIO_free
tim77 opened this issue · 2 comments
tim77 commented
Description of problem:
SIGSEGV in BIO_free
Affected version: v2.8.
v2.7 does not crash.
Steps to Reproduce:
Test with a copy of a recent kernel:
$ file vmlinuz-1.bin
vmlinuz-1.bin: Linux kernel x86 boot executable bzImage, version 6.8.7-200.fc39.x86_64 (mockbuild@45dd5688efad44f5b0bb641c76b5468d) #1 SMP PREEMPT_DYNAMIC Wed Apr 17 19:35:11 UTC 2024, RO-rootFS, swap_dev 0XE, Normal VGA
$ osslsigncode extract-signature -in vmlinuz-1.bin -out vmlinuz-1.sig
Current PE checksum : 00000000
Calculated PE checksum: 00E34572
Warning: invalid PE checksum
Corrupted attribute certificate table
Attribute certificate table size : 00000D48
Attribute certificate entry length: 00000762
Unable to extract existing signature
Segmentation fault (core dumped)
Actual results:
Program received signal SIGSEGV, Segmentation fault.
Downstream bug report
- https://bugzilla.redhat.com/show_bug.cgi?id=2277444
- https://retrace.fedoraproject.org/faf/reports/960359/
Additional info
Spec file: https://src.fedoraproject.org/rpms/osslsigncode/blob/rawhide/f/osslsigncode.spec