asfenbliss.blogg.se

31 Augusti 2022 - 02:38
Qtox user list
Allmänt
Qtox user list




qtox user list

++ EVP_CipherInit_ex(ectx, NULL, NULL, key, iv, mode) + EVP_CipherInit(ectx, NULL, key, iv, mode) + EVP_CIPHER_CTX_set_padding(ectx, 0) // no padding ++ EVP_CipherInit_ex(ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, NULL, mode) + EVP_CipherInit(ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, mode) Static int sqlcipher_openssl_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) -36,22 +36,21 OPENSSL_VERSION_NUMBER >= 0x1011L Static int sqlcipher_openssl_hmac(void *ctx, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) -26,7 +26,7 -172,9 +182,23 -160,9 +170,22 static int sqlcipher_openssl_kdf(void *c * support building with openssl 1.1 (Closes: #828555)ĭiff -git a/sqlcipher-3.2.0.old/debian/patches/33-openssl_1.1.patch b/sqlcipher-3.2.0/debian/patches/33-openssl_1.1.patch Sqlcipher (3.2.0-2) unstable urgency=medium

qtox user list

Butĭiff -git a/sqlcipher-3.2.0.old/debian/changelog b/sqlcipher-3.2.0/debian/changelog Leave it as is for now as I don't know the policy here for sure. IMO this deserves the "grave" severity, but as it's release time I'll TheĬurrent situation is grave, rendering the package unusable. So dear maintainer, please apply this or an equivalent patch.

#Qtox user list Patch#

Leaves some parts improperly initialized.Īttached is a fairly trivial patch changing the calls as mentioned. I guess somehow EVP_CipherInit() doesn't work properly in this case and > =26696= Address 0x12 is not stack'd, malloc'd or (recently) free'd Trace is fully inside sqlite and down it's likely the same anywhere): Memory access right before the crash (taken with qTox, but as the call In the current situation (before patching) Valgrind reports an invalid It doesn't really suggest why it would fix And as far as I can read in the OpenSSL documentation, that change I don't know OpenSSL much either, but I can confirm that changing theĮVP_CipherInit() calls to EVP_CipherInit_ex() ones (adding the requiredĮxtra parameter, obviously) in 33-openssl_1.1.patch fixes the issue for > know if this is a bad usage on the side of sqlcipher, or it's just a bug in > Note that it just uses the _ex version. > - EVP_CipherInit(ectx, NULL, key, iv, mode) > + EVP_CipherInit_ex(ectx, NULL, NULL, key, iv, mode)

qtox user list

> They key to avoid the segfault is this line in the sqlcipher_openssl_cipher > I'm facing the same issue in pysqlcipher.






Qtox user list
0 kommentar(er)
Om Mig: