Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tests/hazmat/primitives/test_pkcs7.py::TestPKCS7SignatureBuilder::test_sign_byteslike crashes: unsafe precondition(s) violated: slice::from_raw_parts requires the pointer to be aligned and non-null, and the total size of the slice not to exceed isize::MAX #11319

Closed
mgorny opened this issue Jul 21, 2024 · 4 comments · Fixed by #11320
Closed

tests/hazmat/primitives/test_pkcs7.py::TestPKCS7SignatureBuilder::test_sign_byteslike crashes: unsafe precondition(s) violated: slice::from_raw_parts requires the pointer to be aligned and non-null, and the total size of the slice not to exceed isize::MAX #11319

mgorny opened this issue Jul 21, 2024 · 4 comments · Fixed by #11320

Comments

@mgorny
Copy link

mgorny commented Jul 21, 2024
edited
Loading

Reproduced with Python 3.12.4 (but also PyPy3.10 7.3.16 and Python 3.10.14), on top of 0e175c7 and 43.0.0 release, on Gentoo Linux amd64. rustc 1.79.0 (129f3b996 2024-06-10) (gentoo)

To reproduce:

pip install -v -e '.[test]' -Cbuild-args=--profile=dev
export RUST_BACKTRACE=1
python -m pytest -vv -s tests/hazmat/primitives/test_pkcs7.py::TestPKCS7SignatureBuilder::test_sign_byteslike

The output:

========================================================= test session starts =========================================================
platform linux -- Python 3.12.4, pytest-8.3.1, pluggy-1.5.0 -- /tmp/cryptography/.venv/bin/python
cachedir: .pytest_cache
benchmark: 4.0.0 (defaults: timer=time.perf_counter disable_gc=False min_rounds=5 min_time=0.000005 max_time=1.0 calibration_precision=10 warmup=False warmup_iterations=100000)
OpenSSL: OpenSSL 3.3.1 4 Jun 2024
FIPS Enabled: False
rootdir: /tmp/cryptography
configfile: pyproject.toml
plugins: xdist-3.6.1, cov-5.0.0, benchmark-4.0.0
collected 1 item                                                                                                                      

tests/hazmat/primitives/test_pkcs7.py::TestPKCS7SignatureBuilder::test_sign_byteslike thread '<unnamed>' panicked at library/core/src/panicking.rs:220:5:
unsafe precondition(s) violated: slice::from_raw_parts requires the pointer to be aligned and non-null, and the total size of the slice not to exceed `isize::MAX`
stack backtrace:
   0: rust_begin_unwind
   1: core::panicking::panic_nounwind_fmt
   2: core::panicking::panic_nounwind
   3: core::slice::raw::from_raw_parts::precondition_check
             at /rustc/129f3b9964af4d4a709d1383930ade12dfe7c081/library/core/src/ub_checks.rs:66:21
   4: core::slice::raw::from_raw_parts
             at /rustc/129f3b9964af4d4a709d1383930ade12dfe7c081/library/core/src/ub_checks.rs:73:17
   5: openssl::bio::MemBio::get_buf
             at /home/mgorny/.cargo/registry/src/index.crates.io-6f17d22bba15001f/openssl-0.10.65/src/bio.rs:66:13
   6: openssl::pkcs7::Pkcs7::from_smime
             at /home/mgorny/.cargo/registry/src/index.crates.io-6f17d22bba15001f/openssl-0.10.65/src/pkcs7.rs:117:22
   7: cryptography_rust::test_support::pkcs7_verify
             at ./src/rust/src/test_support.rs:77:9
   8: cryptography_rust::test_support::__pyfunction_pkcs7_verify
             at ./src/rust/src/test_support.rs:62:1
   9: pyo3::impl_::trampoline::cfunction_with_keywords::{{closure}}
             at /home/mgorny/.cargo/registry/src/index.crates.io-6f17d22bba15001f/pyo3-0.22.2/src/impl_/trampoline.rs:44:29
  10: pyo3::impl_::trampoline::trampoline::{{closure}}
             at /home/mgorny/.cargo/registry/src/index.crates.io-6f17d22bba15001f/pyo3-0.22.2/src/impl_/trampoline.rs:188:54
  11: std::panicking::try::do_call
             at /rustc/129f3b9964af4d4a709d1383930ade12dfe7c081/library/std/src/panicking.rs:559:40
  12: __rust_try
  13: std::panicking::try
             at /rustc/129f3b9964af4d4a709d1383930ade12dfe7c081/library/std/src/panicking.rs:523:19
  14: std::panic::catch_unwind
             at /rustc/129f3b9964af4d4a709d1383930ade12dfe7c081/library/std/src/panic.rs:149:14
  15: pyo3::impl_::trampoline::trampoline
             at /home/mgorny/.cargo/registry/src/index.crates.io-6f17d22bba15001f/pyo3-0.22.2/src/impl_/trampoline.rs:188:9
  16: pyo3::impl_::trampoline::cfunction_with_keywords
             at /home/mgorny/.cargo/registry/src/index.crates.io-6f17d22bba15001f/pyo3-0.22.2/src/impl_/trampoline.rs:44:13
  17: cryptography_rust::test_support::<impl cryptography_rust::test_support::pkcs7_verify::MakeDef>::_PYO3_DEF::trampoline
             at ./src/rust/src/test_support.rs:62:1
  18: <unknown>
  19: _PyObject_MakeTpCall
  20: _PyEval_EvalFrameDefault
  21: <unknown>
  22: <unknown>
  23: _PyEval_EvalFrameDefault
  24: _PyObject_FastCallDictTstate
  25: _PyObject_Call_Prepend
  26: <unknown>
  27: _PyObject_MakeTpCall
  28: _PyEval_EvalFrameDefault
  29: _PyObject_FastCallDictTstate
  30: _PyObject_Call_Prepend
  31: <unknown>
  32: _PyObject_Call
  33: _PyEval_EvalFrameDefault
  34: _PyObject_FastCallDictTstate
  35: _PyObject_Call_Prepend
  36: <unknown>
  37: _PyObject_MakeTpCall
  38: _PyEval_EvalFrameDefault
  39: _PyObject_FastCallDictTstate
  40: _PyObject_Call_Prepend
  41: <unknown>
  42: _PyObject_MakeTpCall
  43: _PyEval_EvalFrameDefault
  44: _PyObject_FastCallDictTstate
  45: _PyObject_Call_Prepend
  46: <unknown>
  47: _PyObject_MakeTpCall
  48: _PyEval_EvalFrameDefault
  49: PyEval_EvalCode
  50: <unknown>
  51: <unknown>
  52: PyObject_Vectorcall
  53: _PyEval_EvalFrameDefault
  54: <unknown>
  55: Py_RunMain
  56: Py_BytesMain
  57: <unknown>
  58: __libc_start_main
  59: _start
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
thread caused non-unwinding panic. aborting.
Fatal Python error: Aborted

Current thread 0x00007f30a6fae740 (most recent call first):
  File "/tmp/cryptography/tests/hazmat/primitives/test_pkcs7.py", line 312 in test_sign_byteslike
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/python.py", line 159 in pytest_pyfunc_call
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_callers.py", line 103 in _multicall
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_manager.py", line 120 in _hookexec
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_hooks.py", line 513 in __call__
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/python.py", line 1627 in runtest
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/runner.py", line 174 in pytest_runtest_call
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_callers.py", line 103 in _multicall
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_manager.py", line 120 in _hookexec
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_hooks.py", line 513 in __call__
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/runner.py", line 242 in <lambda>
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/runner.py", line 341 in from_call
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/runner.py", line 241 in call_and_report
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/runner.py", line 132 in runtestprotocol
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/runner.py", line 113 in pytest_runtest_protocol
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_callers.py", line 103 in _multicall
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_manager.py", line 120 in _hookexec
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_hooks.py", line 513 in __call__
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/main.py", line 362 in pytest_runtestloop
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_callers.py", line 103 in _multicall
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_manager.py", line 120 in _hookexec
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_hooks.py", line 513 in __call__
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/main.py", line 337 in _main
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/main.py", line 283 in wrap_session
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/main.py", line 330 in pytest_cmdline_main
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_callers.py", line 103 in _multicall
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_manager.py", line 120 in _hookexec
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pluggy/_hooks.py", line 513 in __call__
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/config/__init__.py", line 175 in main
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/_pytest/config/__init__.py", line 201 in console_main
  File "/tmp/cryptography/.venv/lib/python3.12/site-packages/pytest/__main__.py", line 9 in <module>
  File "<frozen runpy>", line 88 in _run_code
  File "<frozen runpy>", line 198 in _run_module_as_main

Extension modules: _cffi_backend (total: 1)
Aborted (core dumped)
@alex
Copy link
Member

alex commented Jul 21, 2024

Thanks. I'm able to verify, it's an issue in rust-openssl, so I'll send a PR to fix there momentarily.

@alex
Copy link
Member

alex commented Jul 21, 2024

sfackler/rust-openssl#2266

@alex alex linked a pull request Jul 21, 2024 that will close this issue
Bump openssl from 0.10.65 to 0.10.66 in /src/rust #11320
Merged
@reaperhulk
Copy link
Member

This issue is only reachable via tests so we're not going to issue a new release at the moment, but thank you very much for catching this @mgorny! We're also adding a new build to our CI matrix to catch this type of issue in the future and I'll send a backport momentarily so that when we do ship 43.0.1 the fix will be there 😄

@reaperhulk reaperhulk mentioned this issue Jul 21, 2024
Merged
@mgorny
Copy link
Author

mgorny commented Jul 21, 2024

Thanks!

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 20, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Bump openssl from 0.10.65 to 0.10.66 in /src/rust pyca/cryptography
3 participants
@alex @mgorny @reaperhulk