Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-4686

Undefined behavior in ed25519 plugin

    XMLWordPrintable

Details

    • MXS-SPRINT-192

    Description

      As mentioned in MDEV-31801, the cryptography implementation has undefined behavior in it that is reported by UBSAN. The same happens in MaxScale when the ed25519 plugin is used with MaxScale that's compiled with UBSAN.

      /home/timofey_turenko_mariadb_com/MaxScale/server/modules/authenticator/Ed25519/ref10/fe_sq.c:121:76: runtime error: left shift of negative value -46510040
          #0 0x7fa9aa7079af in mxs_ed25519_ref10_fe_sq /home/timofey_turenko_mariadb_com/MaxScale/server/modules/authenticator/Ed25519/ref10/fe_sq.c:121
          #1 0x7fa9aa6e3a87 in mxs_ed25519_ref10_ge_frombytes_negate_vartime /home/timofey_turenko_mariadb_com/MaxScale/server/modules/authenticator/Ed25519/ref10/ge_frombytes.c:21
          #2 0x7fa9aa6e0c01 in crypto_sign_open /home/timofey_turenko_mariadb_com/MaxScale/server/modules/authenticator/Ed25519/ref10/open.c:24
          #3 0x7fa9aa6bfbf5 in Ed25519ClientAuthenticator::ed_check_signature(mariadb::AuthenticationData const&, unsigned char const*, unsigned char const*, unsigned long) /home/timofey_turenko_mariadb_com/MaxScale/server/modules/authenticator/Ed25519/ed25519_auth.cc:427
          #4 0x7fa9aa6be8ac in Ed25519ClientAuthenticator::authenticate(MYSQL_session*, mariadb::AuthenticationData&) /home/timofey_turenko_mariadb_com/MaxScale/server/modules/authenticator/Ed25519/ed25519_auth.cc:348
          #5 0x7fa9bd9e4f8e in MariaDBClientConnection::perform_check_token(MariaDBClientConnection::AuthType) /home/timofey_turenko_mariadb_com/MaxScale/server/modules/protocol/MariaDB/mariadb_client.cc:2683
          #6 0x7fa9bd9bf061 in MariaDBClientConnection::process_authentication(MariaDBClientConnection::AuthType) /home/timofey_turenko_mariadb_com/MaxScale/server/modules/protocol/MariaDB/mariadb_client.cc:747
          #7 0x7fa9bd9cce21 in MariaDBClientConnection::ready_for_reading(DCB*) /home/timofey_turenko_mariadb_com/MaxScale/server/modules/protocol/MariaDB/mariadb_client.cc:1573
          #8 0x7fa9bd20e8b8 in DCB::process_events(unsigned int) /home/timofey_turenko_mariadb_com/MaxScale/server/core/dcb.cc:1366
          #9 0x7fa9bd20f7d6 in DCB::event_handler(unsigned int) /home/timofey_turenko_mariadb_com/MaxScale/server/core/dcb.cc:1427
          #10 0x7fa9bd20fddf in DCB::handle_poll_events(maxbase::Worker*, unsigned int, maxbase::Pollable::Context) /home/timofey_turenko_mariadb_com/MaxScale/server/core/dcb.cc:1471
          #11 0x7fa9bdc16403 in maxbase::Worker::deliver_events(unsigned long, std::chrono::time_point<std::chrono::_V2::steady_clock, std::chrono::duration<long, std::ratio<1l, 1000000000l> > >, maxbase::Pollable*, unsigned int, maxbase::Pollable::Context) /home/timofey_turenko_mariadb_com/MaxScale/maxutils/maxbase/src/worker.cc:1108
          #12 0x7fa9bdc19457 in maxbase::Worker::poll_waitevents() /home/timofey_turenko_mariadb_com/MaxScale/maxutils/maxbase/src/worker.cc:1232
          #13 0x7fa9bdc13467 in maxbase::Worker::run(maxbase::Semaphore*) /home/timofey_turenko_mariadb_com/MaxScale/maxutils/maxbase/src/worker.cc:871
          #14 0x7fa9bdc156d8 in maxbase::Worker::thread_main(maxbase::Worker*, maxbase::Semaphore*) /home/timofey_turenko_mariadb_com/MaxScale/maxutils/maxbase/src/worker.cc:999
          #15 0x7fa9bdc2906e in void std::__invoke_impl<void, void (*)(maxbase::Worker*, maxbase::Semaphore*), maxbase::Worker*, maxbase::Semaphore*>(std::__invoke_other, void (*&&)(maxbase::Worker*, maxbase::Semaphore*), maxbase::Worker*&&, maxbase::Semaphore*&&) /usr/include/c++/8/bits/invoke.h:60
          #16 0x7fa9bdc242b4 in std::__invoke_result<void (*)(maxbase::Worker*, maxbase::Semaphore*), maxbase::Worker*, maxbase::Semaphore*>::type std::__invoke<void (*)(maxbase::Worker*, maxbase::Semaphore*), maxbase::Worker*, maxbase::Semaphore*>(void (*&&)(maxbase::Worker*, maxbase::Semaphore*), maxbase::Worker*&&, maxbase::Semaphore*&&) /usr/include/c++/8/bits/invoke.h:95
          #17 0x7fa9bdc3e1a9 in decltype (__invoke((_S_declval<0ul>)(), (_S_declval<1ul>)(), (_S_declval<2ul>)())) std::thread::_Invoker<std::tuple<void (*)(maxbase::Worker*, maxbase::Semaphore*), maxbase::Worker*, maxbase::Semaphore*> >::_M_invoke<0ul, 1ul, 2ul>(std::_Index_tuple<0ul, 1ul, 2ul>) /usr/include/c++/8/thread:244
          #18 0x7fa9bdc3dfa6 in std::thread::_Invoker<std::tuple<void (*)(maxbase::Worker*, maxbase::Semaphore*), maxbase::Worker*, maxbase::Semaphore*> >::operator()() /usr/include/c++/8/thread:253
          #19 0x7fa9bdc3dacf in std::thread::_State_impl<std::thread::_Invoker<std::tuple<void (*)(maxbase::Worker*, maxbase::Semaphore*), maxbase::Worker*, maxbase::Semaphore*> > >::_M_run() /usr/include/c++/8/thread:196
          #20 0x7fa9b89e9b12  (/lib64/libstdc++.so.6+0xc2b12)
          #21 0x7fa9b97f71c9 in start_thread (/lib64/libpthread.so.0+0x81c9)
          #22 0x7fa9b68dae72 in __clone (/lib64/libc.so.6+0x39e72)
      

      Attachments

        Issue Links

          Activity

            People

              esa.korhonen Esa Korhonen
              markus makela markus makela
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.