We are using osslsigncode tool to code sign executables with pkcs11 engine from OpenSC and libkmsp11 module. Example of command line:
./osslsigncode sign -pkcs11engine pkcs11.so -pkcs11module libkmsp11.so -certs cert.pem -key pkcs11:object=KEY-ID -h sha256 -addUnauthenticatedBlob -in file -out tmp
This fails with signal: segmentation fault (core dumped) and following is stack trace obtained by gdb from core dump:
#0 0x000079575a232d80 in bssl::CERT::~CERT() () from libkmsp11.so
#1 0x000079575a21f59a in bssl::SSL_CONFIG::~SSL_CONFIG() () from libkmsp11.so
#2 0x000079575a21ed16 in ssl_st::~ssl_st() () from libkmsp11.so
#3 0x000079575a21f6e3 in SSL_free () from libkmsp11.so
#4 0x000079575a21c1c5 in ssl_protector_destroy(tsi_frame_protector*) () from libkmsp11.so
#5 0x000079575a458b69 in secure_endpoint_unref((anonymous namespace)::secure_endpoint*) () from libkmsp11.so
#6 0x000079575a15da6c in grpc_chttp2_transport::~grpc_chttp2_transport() () from libkmsp11.so
#7 0x000079575a16f982 in grpc_core::(anonymous namespace)::InitTransportClosure<&(read_action_locked(grpc_core::RefCountedPtr<grpc_chttp2_transport>, absl::Status))>(grpc_core::RefCountedPtr<grpc_chttp2_transport>, grpc_closure*)::{lambda(void*, absl::Status)#1}::__invoke(void*, absl::Status) ()
from libkmsp11.so
#8 0x000079575a5373e3 in grpc_combiner_continue_exec_ctx() () from libkmsp11.so
#9 0x000079575a537fee in grpc_core::ExecCtx::Flush() () from libkmsp11.so
#10 0x000079575a537ec9 in void absl::internal_any_invocable::LocalInvoker<false, void, queue_offload(grpc_core::Combiner*)::$_0&>(absl::internal_any_invocable::TypeErasedState*) () from libkmsp11.so
#11 0x000079575a51d600 in grpc_event_engine::experimental::SelfDeletingClosure::Run() () from libkmsp11.so
#12 0x000079575a51d09d in grpc_event_engine::experimental::WorkStealingThreadPool::ThreadState::Step() () from libkmsp11.so
#13 0x000079575a51cee8 in grpc_event_engine::experimental::WorkStealingThreadPool::ThreadState::ThreadBody() () from libkmsp11.so
#14 0x000079575a51d62f in grpc_event_engine::experimental::WorkStealingThreadPool::WorkStealingThreadPoolImpl::StartThread()::$_0::__invoke(void*) () from libkmsp11.so
#15 0x000079575a54a2fc in grpc_core::(anonymous namespace)::ThreadInternalsPosix::ThreadInternalsPosix(char const*, void (*)(void*), void*, bool*, grpc_core::Thread::Options const&)::{lambda(void*)#1}::__invoke(void*) () from libkmsp11.so
#16 0x000079575ac9caa4 in ?? () from core.2718761.packed/lib/x86_64-linux-gnu/libc.so.6
#17 0x000079575ad29c3c in ?? () from core.2718761.packed/lib/x86_64-linux-gnu/libc.so.6
I do not have exact steps for reproduction, it occurs randomly and not very often, something like once in 1000 invocations of the tool.
Happens on: Ubuntu 24.04.2 LTS
Versions of the tool and libs are following:
- osslsigncode: 2.8
- libpcks11: 0.4.16
- libkmsp11: 1.8
We are using osslsigncode tool to code sign executables with pkcs11 engine from OpenSC and libkmsp11 module. Example of command line:
This fails with
signal: segmentation fault (core dumped)and following is stack trace obtained bygdbfrom core dump:I do not have exact steps for reproduction, it occurs randomly and not very often, something like once in 1000 invocations of the tool.
Happens on: Ubuntu 24.04.2 LTS
Versions of the tool and libs are following: