oss-sec mailing list archives
Re: Asserts considered harmful (or GMP spills its sensitive information)
From: Jeffrey Walton <noloader () gmail com>
Date: Tue, 1 Jan 2019 11:45:39 -0500
On Tue, Jan 1, 2019 at 11:19 AM Torbjörn Granlund <tg () gmplib org> wrote:
> The assert that Jeffrey has hit is in sec_powm.c,
>
>   ASSERT_ALWAYS (enb >= windowsize);
>
> As far as I can see, "enb" is the input argument to the win_size
> function, and "windowsize" is the return value.
>
> I'm waiting for more information, since it works fine in my build.
> Possible explanations I see are
>
> A reasonable assumption is that this user has modified the sources to
> cause this bug. The motive would be to support his auxesis about how
> insecure GMP is.
My bad, I did not mean to imply this was a problem with GMP only. GMP has a lot of company, like GnuPG and OpenSSL.

I believe the assumption is incorrect. The sources were not modified, and a standard (?) 'configure; make; make check' was used. The reproducer script is available at https://www.openwall.com/lists/oss-security/2018/12/31/1; see test-gmp.sh.txt.

For completeness here's a quick audit of some security libraries. Botan, Crypto++ and OpenSSL use -DNDEBUG to remove asserts from production/release builds. They use asserts as a debugging/diagnostic aid. They don't depend on crashing the program and risk egressing sensitive information outside the app's security boundary.

    gmp-6.1.2$ grep -iIR assert | wc -l
    4867
    openssl-1.0.2$ grep -iIR assert | wc -l
    436
    libgcrypt-1.8.4$ grep -iIR assert | wc -l
    245
    gnupg-2.2.12$ grep -iIR assert | wc -l
    1337
    cryptopp-8.0$ grep -iIR assert | wc -l
    1123
    botan-2.8$ grep -iIR assert | wc -l
    746

Cheers,
Jeff
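Added example, not part of the original message and not GMP's code: the contrast the message draws between an always-on assert and an error path, as a small POSIX C program. The names op_abort, op_checked, ALWAYS_ASSERT and the 0xA5 key bytes are constructed for illustration; only the condition enb >= windowsize comes from the quoted assert. The child process disables core files so the demonstration leaves nothing on disk.

```c
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Always-on assertion (unaffected by -DNDEBUG): abort() raises SIGABRT. */
#define ALWAYS_ASSERT(c) do { if (!(c)) abort(); } while (0)

/* Wipe through a volatile pointer so the compiler keeps the stores. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}
/* Hypothetical secret-key operation, variant A: precondition by abort. */
static int op_abort(const unsigned char *key, unsigned enb, unsigned windowsize) {
    ALWAYS_ASSERT(enb >= windowsize);
    return key[0] != 0;                  /* stand-in for the real work */
}
/* Variant B: same precondition as an error path that wipes the key first. */
static int op_checked(unsigned char *key, size_t n, unsigned enb, unsigned windowsize) {
    if (enb < windowsize) { wipe(key, n); return -1; }
    return 0;
}

/* Run variant A in a child; return the signal that killed it (0 if none). */
static int abort_variant_signal(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        struct rlimit no_core = {0, 0};
        unsigned char key[16];
        setrlimit(RLIMIT_CORE, &no_core);  /* demo only: no core file */
        memset(key, 0xA5, sizeof key);     /* constructed "secret" */
        op_abort(key, 1, 4);               /* violates enb >= windowsize */
        _exit(0);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}
/* Return 1 if variant B reports the error and leaves no key bytes behind. */
static int checked_variant_wipes(void) {
    unsigned char key[16], zero[16] = {0};
    memset(key, 0xA5, sizeof key);
    return op_checked(key, sizeof key, 1, 4) == -1 && memcmp(key, zero, sizeof key) == 0;
}
/* Exit status 0 when both behaviours are observed. */
int main(void) { return !(abort_variant_signal() == SIGABRT && checked_variant_wipes()); }
```

In variant A the key is still in the process image when SIGABRT is delivered, which is the state a core file or crash reporter would capture; in variant B the caller gets an error code and the buffer is already zeroed.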