Comments (6)
Hi, it's a really kludgy solution but you could probably use reflection to set SCrypt.native_library_loaded to false.
Could you share the parameters you're passing when this crash happens? I'd certainly like to find and fix the problem, assuming it's not something to do with that really old OpenJDK build.
from scrypt.
Hi wg,
I am struggling to isolate the issue. I will for sure let you know if I have narrowed it down.
But what do you mean by "old" OpenJDK ;) It's the current version on aws linux ami's as well as the next debian release (wheezy, not current stable!).
In any case, it would be great to have a non-kludgy way of switching to pure java impl.
from scrypt.
here below is how to reproduce. I used v 1.3.2, but it crashes also with 1.3.3. I can reproduce it also on an amazon linux ami, which is similar to RHEL 5 (or 6? anyway, same jvm as above).
I know, the parameters are not very meaningful. They were given in some testcode where the MCF was some crap. But still, crashing the VM because of that ... I spent almost a day to figure out if it is something serious or not.
sm@debian64sim:/tmp$ cat >A.java
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import com.lambdaworks.crypto.SCrypt;
public class A {
public static void main(String args[]) throws UnsupportedEncodingException, GeneralSecurityException {
byte[] plaintext = new byte[]{0, 49, 0, 50};
byte[] salt=new byte[] {-29, -98};
int N = 1;
int r=1;
int p=3;
SCrypt.scrypt(plaintext, salt, N, r, p, 32);
}
}
sm@debian64sim:/tmp$ javac -cp scrypt-1.3.2.jar A.java
sm@debian64sim:/tmp$ java -cp .:scrypt-1.3.2.jar A
*** glibc detected *** java: double free or corruption (!prev): 0x0000000000d12040 ***
======= Backtrace: =========
/lib/libc.so.6(+0x71e16)[0x7ffb1398de16]
/lib/libc.so.6(cfree+0x6c)[0x7ffb13992b8c]
/tmp/scrypt4290429745826613889lib(crypto_scrypt+0x4e1)[0x7ffb0d4e91d1]
/tmp/scrypt4290429745826613889lib(scryptN+0xee)[0x7ffb0d4e937e]
[0x7ffb0e523d28]
======= Memory map: ========
00400000-00409000 r-xp 00000000 08:01 66401 /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java
00608000-00609000 rw-p 00008000 08:01 66401 /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java
00b22000-00f29000 rw-p 00000000 00:00 0 [heap]
cc000000-cca70000 rw-p 00000000 00:00 0
cca70000-d9e00000 rw-p 00000000 00:00 0
d9e00000-db2f0000 rw-p 00000000 00:00 0
db2f0000-f5a00000 rw-p 00000000 00:00 0
f5a00000-f6ec0000 rw-p 00000000 00:00 0
f6ec0000-100000000 rw-p 00000000 00:00 0
7ffb08000000-7ffb08021000 rw-p 00000000 00:00 0
7ffb08021000-7ffb0c000000 ---p 00000000 00:00 0
7ffb0d4e8000-7ffb0d4ec000 r-xp 00000000 08:01 344097 /tmp/scrypt4290429745826613889lib (deleted)
7ffb0d4ec000-7ffb0d6eb000 ---p 00004000 08:01 344097 /tmp/scrypt4290429745826613889lib (deleted)
7ffb0d6eb000-7ffb0d6ec000 r--p 00003000 08:01 344097 /tmp/scrypt4290429745826613889lib (deleted)
7ffb0d6ec000-7ffb0d6ed000 rw-p 00004000 08:01 344097 /tmp/scrypt4290429745826613889lib (deleted)
7ffb0d6ed000-7ffb0d6f1000 r--s 0007d000 08:01 65844 /usr/lib/jvm/java-6-openjdk-common/jre/lib/jsse.jar
7ffb0d6f1000-7ffb0d6f2000 r--s 0000c000 08:01 344086 /tmp/scrypt-1.3.2.jar
7ffb0d6f2000-7ffb0d6f3000 r--s 00007000 08:01 35530 /usr/share/java/java-atk-wrapper.jar
7ffb0d6f3000-7ffb0d6f6000 r--s 00031000 08:01 65821 /usr/lib/jvm/java-6-openjdk-common/jre/lib/ext/sunjce_provider.jar
7ffb0d6f6000-7ffb0d6fa000 r--s 00038000 08:01 65819 /usr/lib/jvm/java-6-openjdk-common/jre/lib/ext/sunpkcs11.jar
7ffb0d6fa000-7ffb0d6fd000 r--s 00077000 08:01 65817 /usr/lib/jvm/java-6-openjdk-common/jre/lib/ext/localedata.jar
7ffb0d6fd000-7ffb0d6fe000 ---p 00000000 00:00 0
7ffb0d6fe000-7ffb0d7fe000 rw-p 00000000 00:00 0
7ffb0d7fe000-7ffb0d801000 ---p 00000000 00:00 0
7ffb0d801000-7ffb0d8ff000 rw-p 00000000 00:00 0
7ffb0d8ff000-7ffb0d902000 ---p 00000000 00:00 0
7ffb0d902000-7ffb0da00000 rw-p 00000000 00:00 0
7ffb0da00000-7ffb0da03000 ---p 00000000 00:00 0
7ffb0da03000-7ffb0db01000 rw-p 00000000 00:00 0
7ffb0db01000-7ffb0db04000 ---p 00000000 00:00 0
7ffb0db04000-7ffb0dc02000 rw-p 00000000 00:00 0
7ffb0dc02000-7ffb0dd77000 r--p 00000000 08:01 26210 /usr/lib/locale/locale-archive
7ffb0dd77000-7ffb0dd7a000 ---p 00000000 00:00 0
7ffb0dd7a000-7ffb0de78000 rw-p 00000000 00:00 0
7ffb0de78000-7ffb0de7b000 ---p 00000000 00:00 0
7ffb0de7b000-7ffb0df79000 rw-p 00000000 00:00 0
7ffb0df79000-7ffb0df7a000 ---p 00000000 00:00 0
7ffb0df7a000-7ffb0e0ad000 rw-p 00000000 00:00 0
7ffb0e0ad000-7ffb0e23f000 r--s 037c2000 08:01 66446 /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/rt.jar
7ffb0e23f000-7ffb0e24a000 rw-p 00000000 00:00 0
7ffb0e24a000-7ffb0e293000 rw-p 00000000 00:00 0
7ffb0e293000-7ffb0e29e000 rw-p 00000000 00:00 0
7ffb0e29e000-7ffb0e372000 rw-p 00000000 00:00 0
7ffb0e372000-7ffb0e378000 rw-p 00000000 00:00 0
7ffb0e378000-7ffb0e3e1000 rw-p 00000000 00:00 0
7ffb0e3e1000-7ffb0e3ec000 rw-p 00000000 00:00 0
7ffb0e3ec000-7ffb0e4bf000 rw-p 00000000 00:00 0
7ffb0e4bf000-7ffb0e4ca000 rw-p 00000000 00:00 0
7ffb0e4ca000-7ffb0e512000 rw-p 00000000 00:00 0
7ffb0e512000-7ffb0e513000 rw-p 00000000 00:00 0
7ffb0e513000-7ffb0e783000 rwxp 00000000 00:00 0
7ffb0e783000-7ffb11513000 rw-p 00000000 00:00 0
7ffb11513000-7ffb1151a000 r-xp 00000000 08:01 66431 /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/amd64/libzip.so
7ffb1151a000-7ffb11719000 ---p 00007000 08:01 66431 /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/amd64/libzip.so
7ffb11719000-7ffb1171a000 rw-p 00006000 08:01 66431 /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/amd64/libzip.so
7ffb1171a000-7ffb11726000 r-xp 00000000 08:01 409602 /lib/libnss_files-2.11.3.so
7ffb11726000-7ffb11925000 ---p 0000c000 08:01 409602 /lib/libnss_files-2.11.3.so
7ffb11925000-7ffb11926000 r--p 0000b000 08:01 409602 /lib/libnss_files-2.11.3.so
7ffb11926000-7ffb11927000 rw-p 0000c000 08:01 409602 /lib/libnss_files-2.11.3.so
7ffb11927000-7ffb11931000 r-xp 00000000 08:01 409625 /lib/libnss_nis-2.11.3.so
7ffb11931000-7ffb11b30000 ---p 0000a000 08:01 409625 /lib/libnss_nis-2.11.3.so
7ffb11b30000-7ffb11b31000 r--p 00009000 08:01 409625 /lib/libnss_nis-2.11.3.so
7ffb11b31000-7ffb11b32000 rw-p 0000a000 08:01 409625 /lib/libnss_nis-2.11.3.so
7ffb11b32000-7ffb11b39000 r-xp 00000000 08:01 409610 /lib/libnss_compat-2.11.3.so
7ffb11b39000-7ffb11d38000 ---p 00007000 08:01 409610 /lib/libnss_compat-2.11.3.so
7ffb11d38000-7ffb11d39000 r--p 00006000 08:01 409610 /lib/libnss_compat-2.11.3.so
7ffb11d39000-7ffb11d3a000 rw-p 00007000 08:01 409610 /lib/libnss_compat-2.11.3.so
7ffb11d3a000-7ffb11d4f000 r-xp 00000000 08:01 409615 /lib/libnsl-2.11.3.so
7ffb11d4f000-7ffb11f4e000 ---p 00015000 08:01 409615 /lib/libnsl-2.11.3.so
7ffb11f4e000-7ffb11f4f000 r--p 00014000 08:01 409615 /lib/libnsl-2.11.3.so
7ffb11f4f000-7ffb11f50000 rw-p 00015000 08:01 409615 /lib/libnsl-2.11.3.so
7ffb11f50000-7ffb11f52000 rw-p 00000000 00:00 0
7ffb11f52000-7ffb11f80000 r-xp 00000000 08:01 66430 /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/amd64/libjava.so
7ffb11f80000-7ffb1217f000 ---p 0002e000 08:01 66430 /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/amd64/libjava.so
7ffb1217f000-7ffb12183000 rw-p 0002d000 08:01 66430 /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/amd64/libjava.so
7ffb12183000-7ffb12192000 r-xp 00000000 08:01 66434 /usr/lib/jvm/java-6-openjdk-amd64/jre/lib/amd64/libverify.soAborted
from scrypt.
Thanks! I was able to reproduce your crash with 1.3.2, but not with 1.3.3. Prior to 1.3.3 there was a bug that allowed invalid N parameters (1 in your case). Could you double check the results on 1.3.3?
from scrypt.
right! I must have made a mistake when trying 1.3.3 :( So, issue clesed. thanks
from scrypt.
Awesome, glad to hear it!
from scrypt.
Related Issues (20)
- Is the implementation thread-safe? HOT 6
- Native support for Windows HOT 2
- Android publishing issue with native platforms. HOT 1
- gradle version would be helpful HOT 1
- Android KITKAT and native scrypt support? HOT 2
- Split project into several implementation modules HOT 3
- SCryptUtil should accept char[] in addition to String
- Security issue: exec of world-readable jar entry in world-writable directory
- Include a proper license header in source files
- Android M and native scrypt support?
- Wrong hash on Android x64 devices HOT 5
- Thank you - Cisco Type 9 password hashes
- Way to disable plain hash to be used?
- Inconsistent SCryptUtil#check behavior when password is an empty string
- I dont know about where is path? - sys/limits.h: No such file or directory
- 64 bit native library?
- JAR library loading fails with '#'
- android libscrypt.dylib HOT 4
- Difference between native and java implementation
- Memory is not released after hashing, but only when JVM exits HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scrypt.