Bug ID: 6649721 elfsign sign/verify with missing certificate can dump core

Bug ID	6649721
Synopsis	elfsign sign/verify with missing certificate can dump core
State	10-Fix Delivered (Fix available in build)
Category:Subcategory	solaris-crypto:libelfsign
Keywords
Responsible Engineer	John Zolnowsky
Reported Against	snv_77
Duplicate Of
Introduced In	solaris_nevada
Commit to Fix	snv_84
Fixed In	snv_84
Release Fixed	solaris_nevada(snv_84)
Related Bugs	6592898
Submit Date	11-January-2008
Last Update Date	27-February-2008
Description	Under some circumstances, invocations of elfsign to sign or verify, where the certificate path provided refers to a non-existant object, can result in a core dump. The tests elfsign_006 and elfsign_013 in the stc2 ef test suite make such invocations. This will always happen with libumem debugging options. LD_PRELOAD=libumem.so \ UMEM_DEBUG=default,audit=30 \ UMEM_LOGGING=transaction=512k \ elfsign verify -v -c /nosuchcert -e /usr/bin/elfsign While analyzing this bug, I came across a couple of other cases of poorly generated or checked error codes, particularly in usr/src/cmd/cmd-crypt/elfsign/elfsign.c's getelfobj() and setcertpath().
Work Around	N/A
Comments	N/A

OpenSolaris