OpenSSL may crash on macOS during CMS parsing
New OpenSSL 1.1.x may crash on macOS during CMS parsing. We have two reports. Both show the same dyld "Symbol missing" abort raised during lazy binding from CMS_verify: the bundled libcrypto.1.1.dylib (built for Mac OS X 10.15) references ____chkstk_darwin, which /usr/lib/libSystem.B.dylib on Mac OS X 10.13.6 does not provide.
- [datovka #1074997]
- [datovka #1070705]
Process: datovka [3684]
Path: /Applications/datovka.app/Contents/MacOS/datovka
Identifier: cz.nic.datovka
Version: 4.15.0 (???)
Code Type: X86-64 (Native)
Parent Process: ??? [1]
Responsible: datovka [3684]
User ID: 501
Date/Time: 2020-03-10 20:35:45.598 +0100
OS Version: Mac OS X 10.13.6 (17G11023)
Report Version: 12
Anonymous UUID: B30A13EA-2DF0-09CD-57AA-74F341A5718D
Sleep/Wake UUID: E2B16CD2-64E0-4783-8CE8-6DBF5A2D6331
Time Awake Since Boot: 13000 seconds
Time Since Wake: 3900 seconds
System Integrity Protection: enabled
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Termination Reason: DYLD, [0x4] Symbol missing
Dyld Error Message:
Symbol not found: ____chkstk_darwin
Referenced from: /Applications/datovka.app/Contents/MacOS/../Frameworks/libcrypto.1.1.dylib (which was built for Mac OS X 10.15)
Expected in: /usr/lib/libSystem.B.dylib
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 dyld 0x000000010a727256 __abort_with_payload + 10
1 dyld 0x000000010a726bc8 abort_with_payload_wrapper_internal + 89
2 dyld 0x000000010a726bf5 abort_with_payload + 9
3 dyld 0x000000010a6fa482 dyld::halt(char const*) + 354
4 dyld 0x000000010a6fa5a9 dyld::fastBindLazySymbol(ImageLoader**, unsigned long) + 170
5 libdyld.dylib 0x00007fff7bba4292 dyld_stub_binder + 282
6 ??? 0x000000010ad16410 0 + 4476462096
7 libcrypto.1.1.dylib 0x000000010ab83e47 CMS_verify + 1303
8 cz.nic.datovka 0x0000000109f8f504 cms_verify_signature + 212
9 cz.nic.datovka 0x0000000109f8f9b8 raw_tst_verify + 168
10 cz.nic.datovka 0x000000010a11a715 MessageDb::descriptionHtml(long long, bool) + 32869
11 cz.nic.datovka 0x000000010a007fca MainWindow::messageItemsSelectionChanged(QItemSelection const&, QItemSelection const&) + 1450
12 org.qt-project.QtCore 0x000000010beadaf5 void doActivate<false>(QObject*, int, void**) + 1477
13 org.qt-project.QtCore 0x000000010be3d3db QItemSelectionModel::emitSelectionChanged(QItemSelection const&, QItemSelection const&) + 1851
14 org.qt-project.QtCore 0x000000010be3c706 QItemSelectionModel::select(QItemSelection const&, QFlags<QItemSelectionModel::SelectionFlag>) + 854
15 org.qt-project.QtWidgets 0x000000010b10a0ce QTableView::setSelection(QRect const&, QFlags<QItemSelectionModel::SelectionFlag>) + 3038
16 org.qt-project.QtWidgets 0x000000010b0b40d1 QAbstractItemView::mousePressEvent(QMouseEvent*) + 1233
17 org.qt-project.QtWidgets 0x000000010ae84dd8 QWidget::event(QEvent*) + 424
18 org.qt-project.QtWidgets 0x000000010af2c87d QFrame::event(QEvent*) + 45
19 org.qt-project.QtWidgets 0x000000010b0b3ae9 QAbstractItemView::viewportEvent(QEvent*) + 1417
20 org.qt-project.QtCore 0x000000010be7abc4 QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) + 148
21 org.qt-project.QtWidgets 0x000000010ae4a3c5 QApplicationPrivate::notify_helper(QObject*, QEvent*) + 245
22 org.qt-project.QtWidgets 0x000000010ae4d2b2 QApplication::notify(QObject*, QEvent*) + 7330
23 org.qt-project.QtCore 0x000000010be7a914 QCoreApplication::notifyInternal2(QObject*, QEvent*) + 212
24 org.qt-project.QtWidgets 0x000000010ae4ad00 QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) + 896
25 org.qt-project.QtWidgets 0x000000010aea3cf8 QWidgetWindow::handleMouseEvent(QMouseEvent*) + 1704
26 org.qt-project.QtWidgets 0x000000010aea29e5 QWidgetWindow::event(QEvent*) + 229
27 org.qt-project.QtWidgets 0x000000010ae4a3da QApplicationPrivate::notify_helper(QObject*, QEvent*) + 266
28 org.qt-project.QtWidgets 0x000000010ae4b866 QApplication::notify(QObject*, QEvent*) + 598
29 org.qt-project.QtCore 0x000000010be7a914 QCoreApplication::notifyInternal2(QObject*, QEvent*) + 212
30 org.qt-project.QtGui 0x000000010b4af8a5 QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) + 3397
31 org.qt-project.QtGui 0x000000010b49589b QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 219
32 libqcocoa.dylib 0x000000010de16290 QCocoaEventDispatcherPrivate::processPostedEvents() + 320
33 libqcocoa.dylib 0x000000010de169f8 QCocoaEventDispatcherPrivate::postedEventsSourceCallback(void*) + 40
34 com.apple.CoreFoundation 0x00007fff53be5ca1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
35 com.apple.CoreFoundation 0x00007fff53c9dffc __CFRunLoopDoSource0 + 108
36 com.apple.CoreFoundation 0x00007fff53bc8c50 __CFRunLoopDoSources0 + 208
37 com.apple.CoreFoundation 0x00007fff53bc80cd __CFRunLoopRun + 1293
38 com.apple.CoreFoundation 0x00007fff53bc7927 CFRunLoopRunSpecific + 487
39 com.apple.HIToolbox 0x00007fff52ea7d96 RunCurrentEventLoopInMode + 286
40 com.apple.HIToolbox 0x00007fff52ea7a0f ReceiveNextEventCommon + 366
41 com.apple.HIToolbox 0x00007fff52ea7884 _BlockUntilNextEventMatchingListInModeWithFilter + 64
42 com.apple.AppKit 0x00007fff51154a3b _DPSNextEvent + 2085
43 com.apple.AppKit 0x00007fff518eae34 -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 3044
44 com.apple.AppKit 0x00007fff5114984d -[NSApplication run] + 764
45 libqcocoa.dylib 0x000000010de15773 QCocoaEventDispatcher::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 2579
46 org.qt-project.QtCore 0x000000010be7699f QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 431
47 org.qt-project.QtCore 0x000000010be7af22 QCoreApplication::exec() + 130
48 cz.nic.datovka 0x000000010a19904e main + 8750
49 cz.nic.datovka 0x0000000109f63e44 start + 52
Process: datovka [886]
Path: /Applications/datovka.app/Contents/MacOS/datovka
Identifier: datovka
Version: 4.15.0 (???)
Code Type: X86-64 (Native)
Parent Process: ??? [1]
Responsible: datovka [886]
User ID: 501
Date/Time: 2020-03-26 18:18:20.286 +0100
OS Version: Mac OS X 10.13.6 (17G11023)
Report Version: 12
Anonymous UUID: B30A13EA-2DF0-09CD-57AA-74F341A5718D
Time Awake Since Boot: 430 seconds
System Integrity Protection: enabled
Crashed Thread: 9 WorkerThread
Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Termination Reason: DYLD, [0x4] Symbol missing
Dyld Error Message:
Symbol not found: ____chkstk_darwin
Referenced from: /Applications/datovka.app/Contents/MacOS/../Frameworks/libcrypto.1.1.dylib (which was built for Mac OS X 10.15)
Expected in: /usr/lib/libSystem.B.dylib
Thread 9 Crashed:: WorkerThread
0 dyld 0x00000001134b1256 __abort_with_payload + 10
1 dyld 0x00000001134b0bc8 abort_with_payload_wrapper_internal + 89
2 dyld 0x00000001134b0bf5 abort_with_payload + 9
3 dyld 0x0000000113484482 dyld::halt(char const*) + 354
4 dyld 0x00000001134845a9 dyld::fastBindLazySymbol(ImageLoader**, unsigned long) + 170
5 libdyld.dylib 0x00007fff7e20a292 dyld_stub_binder + 282
6 ??? 0x000000010bb15410 0 + 4491138064
7 libcrypto.1.1.dylib 0x000000010b982e47 CMS_verify + 1303
8 cz.nic.datovka 0x000000010ae5e504 cms_verify_signature + 212
9 cz.nic.datovka 0x000000010ae5f03d raw_cms_signing_cert + 157
10 cz.nic.datovka 0x000000010b00e223 MessageDb::insertOrReplaceCompleteMessageRaw(long long, QByteArray const&, int) + 563
11 cz.nic.datovka 0x000000010b0ba0a7 Task::storeMessage(bool, MessageDirection, MessageDbSet&, Isds::Message const&, QString const&) + 391
12 cz.nic.datovka 0x000000010b0bd9f8 TaskDownloadMessage::downloadMessage(AcntIdDb const&, MessageDb::MsgId&, bool, MessageDirection, QString&, QString&, QString const&) + 1528
13 cz.nic.datovka 0x000000010b0bcd0b TaskDownloadMessage::run() + 1195
14 cz.nic.datovka 0x000000010aebbf40 WorkerPool::run(WorkerPool*) + 272
15 org.qt-project.QtCore 0x000000010cb09489 QThreadPrivate::start(void*) + 329
16 libsystem_pthread.dylib 0x00007fff7e522661 _pthread_body + 340
17 libsystem_pthread.dylib 0x00007fff7e52250d _pthread_start + 377
18 libsystem_pthread.dylib 0x00007fff7e521bf9 thread_start + 13