Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/x509: panic verifying certificate on windows #12184

Closed
deafgoat opened this issue Aug 18, 2015 · 4 comments
Closed

crypto/x509: panic verifying certificate on windows #12184

deafgoat opened this issue Aug 18, 2015 · 4 comments
Labels
FrozenDueToAge OS-Windows
Milestone
Go1.6Early

Comments

@deafgoat
Copy link
Contributor 

package main

import "crypto/x509"

func main() {
    c := x509.Certificate{}
    _, _ = c.Verify(x509.VerifyOptions{})
    println("success")
}

Works fine on darwin and various linux distros but panics with the following trace on windows amd64:

panic: runtime error: index out of range

goroutine 1 [running]:
crypto/x509.createStoreContext(0xc08206a000, 0xc082069ec8, 0x0, 0x0, 0x0)
        c:/go/src/crypto/x509/root_windows.go:23 +0x444
crypto/x509.(*Certificate).systemVerify(0xc08206a000, 0xc082069ec8, 0x0, 0x0, 0x
0, 0x0, 0x0)
        c:/go/src/crypto/x509/root_windows.go:146 +0xe0
crypto/x509.(*Certificate).Verify(0xc08206a000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x
0, 0x0, 0x0, ...)
        c:/go/src/crypto/x509/verify.go:215 +0x95
main.main()
        C:/Users/Administrator/x509Issue.go:7 +0x7d

goroutine 2 [runnable]:
runtime.forcegchelper()
        c:/go/src/runtime/proc.go:90
runtime.goexit()
        c:/go/src/runtime/asm_amd64.s:2232 +0x1

goroutine 3 [runnable]:
runtime.bgsweep()
        c:/go/src/runtime/mgc0.go:82
runtime.goexit()
        c:/go/src/runtime/asm_amd64.s:2232 +0x1

goroutine 4 [runnable]:
runtime.runfinq()
        c:/go/src/runtime/malloc.go:712
runtime.goexit()
        c:/go/src/runtime/asm_amd64.s:2232 +0x1
exit status 2
@deafgoat deafgoat changed the title crypto/rand: panic verifying certificate on windows crypto/x509: panic verifying certificate on windows Aug 18, 2015
@ianlancetaylor ianlancetaylor added this to the Go1.5Maybe milestone Aug 18, 2015
@ianlancetaylor
Copy link
Contributor

CC @agl

@agl agl self-assigned this Aug 18, 2015
@alexbrainman
Copy link
Member

Let me know if I can help in any way.

Alex

@rsc
Copy link
Contributor

rsc commented Aug 19, 2015

The problem is &leaf.Raw[0] because leaf.Raw might be empty. I confirmed that this was broken in Go 1.4 as well, so it must not be common enough a case to merit a last-minute fix for Go 1.5. I think the fix is easy: return CertificateInvalidError{c, Expired} for len(leaf.Raw) == 0. But maybe that will just uncover the next problem with the Windows code on an empty certificate.

@rsc rsc modified the milestones: Go1.6Early, Go1.5Maybe Aug 19, 2015
@gopherbot
Copy link

CL https://golang.org/cl/14053 mentions this issue.

@agl agl closed this as completed in 8ee0261 Sep 30, 2015
@golang golang locked and limited conversation to collaborators Oct 4, 2016
@rsc rsc unassigned agl Jun 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge OS-Windows
Projects
None yet
Milestone
Go1.6Early
Development

No branches or pull requests
6 participants
@agl @rsc @deafgoat @ianlancetaylor @gopherbot @alexbrainman