From owner-freebsd-ports-bugs@FreeBSD.ORG Wed May 22 01:40:01 2013 Return-Path: Delivered-To: freebsd-ports-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 3268D4EB for ; Wed, 22 May 2013 01:40:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 1241FD5C for ; Wed, 22 May 2013 01:40:01 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r4M1e0QS063494 for ; Wed, 22 May 2013 01:40:00 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r4M1e0sx063492; Wed, 22 May 2013 01:40:00 GMT (envelope-from gnats) Resent-Date: Wed, 22 May 2013 01:40:00 GMT Resent-Message-Id: <201305220140.r4M1e0sx063492@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Michael Gmelin Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 90D494D9 for ; Wed, 22 May 2013 01:38:12 +0000 (UTC) (envelope-from freebsd@grem.de) Received: from mail.grem.de (outcast.grem.de [213.239.217.27]) by mx1.freebsd.org (Postfix) with SMTP id E4516D56 for ; Wed, 22 May 2013 01:38:11 +0000 (UTC) Received: (qmail 49299 invoked by uid 0); 22 May 2013 01:31:28 -0000 Message-Id: <20130522013128.49298.qmail@mail.grem.de> Date: 22 May 2013 01:31:28 -0000 From: Michael Gmelin To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 Subject: ports/178827: [PATCH] security/cryptopp: Bug in libc++ causes key generation to get stuck in endless loop Cc: delphij@FreeBSD.org X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 May 2013 01:40:01 -0000 >Number: 178827 >Category: ports >Synopsis: [PATCH] security/cryptopp: Bug in libc++ causes key generation to get stuck in endless loop >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed May 22 01:40:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Michael Gmelin >Release: FreeBSD 9.1-RELEASE amd64 >Organization: Grem Equity GmbH >Environment: System: FreeBSD bsd64.grem.de 9.1-RELEASE-p2 FreeBSD 9.1-RELEASE-p2 #4 r249052: Wed Apr 3 18:26:19 UTC >Description: Due to a bug in the version of libc++ shipping with FreeBSD 9.1-RELEASE, RSA key generation - and most likely other operations depending on class PrimeSieve - gets stuck in an endless loop when compiled using libc++ (CXXFLAGS+= -std=c++11 -stdlib=libc++). The problem has been reported last year: http://sourceforge.net/apps/trac/cryptopp/ticket/17 http://old.nabble.com/keygeneration-on-ios-using-clang(libc%2B%2B)-never-terminates-td34614981.html It is caused by libc++'s implementation of std::find returning invalid results when operating on std::vector (read: bitsets). The problem has already been fixed in libc++: http://llvm.org/viewvc/llvm-project?view=revision&revision=156546 which is also part of release 3.2 of the library. Unfortunately this is not available in any release version of FreeBSD yet. The attached patch works around this problem by conditionally replacing the call to std::find with a hand written loop in case clang and an affected version libc++ are detected. For all other compilers as well as versions of libc++ the code is not altered at all. The ABI stays stable, so there won't be any unpleasant surprises when upgrading the port at a later point in time using an updated version of libc++, e.g. after upgrading to 9.2-RELEASE. The maintainer might want to communicate this issue upstream as well, it's not limited to FreeBSD. Added file(s): - files/patch-nbtheory.cpp Port maintainer (delphij@FreeBSD.org) is cc'd. Generated with FreeBSD Port Tools 0.99_6 (mode: change, diff: suffix) >How-To-Repeat: Requires a clang and libc++ enabled FreeBSD 9.1-RELEASE installation. cd /usr/ports/security/cryptopp CXX=clang++ CXXFLAGS="-std=c++11 -stdlib=libc++" \ make WITHOUT=STATIC install clean cat >/tmp/test.cpp < #include #include #include using namespace CryptoPP; int main() { AutoSeededRandomPool rng; InvertibleRSAFunction privkey; privkey.Initialize(rng, 2048, 4); } EOF clang++ -pthread -std=c++11 -stdlib=libc++ -I/usr/local/include \ -L/usr/local/lib -lcryptopp -o /tmp/test /tmp/test.cpp /tmp/test This is supposed to return immediately, but is hanging indefinitely instead. >Fix: Apply the patch attached to this PR and update the package: cd /usr/ports/security/cryptopp patch -p1 ++ std::vector::iterator pos = m_sieve.begin()+m_next; ++ for (std::vector::iterator end = m_sieve.end(); pos != end; ++pos) ++ { ++ if (*pos == false) ++ break; ++ } ++ bool safe = SafeConvert(pos - m_sieve.begin(), m_next); ++#else + bool safe = SafeConvert(std::find(m_sieve.begin()+m_next, m_sieve.end(), false) - m_sieve.begin(), m_next); ++#endif + assert(safe); + if (m_next == m_sieve.size()) + { --- cryptopp-5.6.1_3.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: