Hello Samuel,

On Sat, 29 May 2021 14:06:18 +0100 Samuel Henrique wrote:
> That's a great catch!
> I'm bumping the severity as this "makes the package in question
> unusable or mostly so".

Thanks for getting back to me regarding this bug. Since there is just an offset in the values used for key identification, which stems from the `xor_count_256` respectively `xor_count_128` variable, the package is still kind of usable if the default threshold is raised -- either manually via `-t 50` or via a patch at compile time. Nevertheless, this should be fixed in a proper way, I think.

> I believe you accidentally pasted the same link twice when talking
> about two different functions.

Yes, this was a faux pas -- sorry for that! The second suspicious function, which I mentioned in my previous message, seems to be `key_core(...)` in `aes.h`. You can find it here [1]. The two referenced functions basically perform the heavy lifting of aeskeyfind's computations.

> Could you submit your tests so we can confirm any fix applied (if we do so)?
> I would like to use your tests with git-bisect to make sure this
> regression wasn't caused by one of our patches.

I am very confident that the Debian patches applied during packaging are fine, since I also checked the results of the unmodified upstream source [2], which I built myself and which gave the same erroneous results. Therefore it looks to me like the error stems from some changes related to glibc 2.31-11 (or maybe even the kernel in version 5.10.0.6).

The tests that I created, and which led to uncovering this issue, can be found here:
https://salsa.debian.org/jgru/aeskeyfind/-/commit/04c9a6038a047fa97e527cc05346416b98949c4c

You can get and run those tests with the following commands:

```
git clone g...@salsa.debian.org:jgru/aeskeyfind.git
cd aeskeyfind            # enter the cloned repository before checking out the branch
git checkout add-autopkgtests
autopkgtest --debug -- schroot sid-amd64
```

If you remove line 62 of `debian/tests/helpers/test_aes_extraction.sh` [3], you can preserve the resulting dump for manual testing. If you add `-t 50` to line 56 of `debian/tests/helpers/test_aes_extraction.sh` [4], the tests will succeed.

> It's possible that this bug also affects rsakeyfind, so I would
> appreciate it if you could run your test against that package as well
> (I assume it must be easy since they are so similar).

I performed similar tests regarding rsakeyfind and have to say that this software is not affected at all. Please refer to my merge request containing the autopkgtests for rsakeyfind at [5].

If you have any ideas on how to debug this issue in a targeted manner, please get back to me.

Thanks for tackling this problem!

Best regards,
Jan

---
[1] https://salsa.debian.org/pkg-security-team/aeskeyfind/-/blob/debian/master/aes.h#L12
[2] https://citpsite.s3.amazonaws.com/memory-content/src/aeskeyfind-1.0.tar.gz
[3] https://salsa.debian.org/jgru/aeskeyfind/-/blob/add-autopkgtests/debian/tests/helpers/test_aes_extraction.sh#L62
[4] https://salsa.debian.org/jgru/aeskeyfind/-/blob/add-autopkgtests/debian/tests/helpers/test_aes_extraction.sh#L56
[5] https://salsa.debian.org/pkg-security-team/rsakeyfind/-/merge_requests/2?commit_id=e7d030704f56c84ff48893883af2c5cc46414c4b
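The message above turns on an `xor_count` threshold that decides whether a window of memory is accepted as an AES key schedule. The following block is an added illustration of that general mechanism, written for this page; it is not aeskeyfind's code, not the Debian packaging, and it makes no claim about the package's default threshold or about where the reported offset comes from. It recomputes each AES-128 round key from the 16 bytes that precede it in the dump (the kind of per-round work the message attributes to `key_core()`), sums the bits that disagree with what is actually in memory, and aborts once that sum exceeds the threshold. The function names, the 400-byte sample dump, the planted FIPS-197 example key and the two flipped bits that stand in for memory decay are all constructed for this example.

```python
"""AES-128 key-schedule scan with a bit-error budget (xor count).

Added example, not aeskeyfind's code. It reimplements the general idea behind
such scanners: recompute each round key from the 16 bytes that precede it in
memory and count the bits that disagree with what is actually there. Function
names, the sample dump and its bit flips are constructed for this example.
"""
import random

RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]
ROUNDS_128 = 10
SCHEDULE_LEN_128 = 16 * (ROUNDS_128 + 1)   # 176 bytes for AES-128


def _gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def _build_sbox() -> list:
    """Derive the AES S-box (GF(2^8) inverse, then the affine map) rather
    than typing the table, so a copy error cannot creep in."""
    sbox = [0] * 256
    for x in range(256):
        inv = next(y for y in range(1, 256) if _gf_mul(x, y) == 1) if x else 0
        s = inv
        for i in range(1, 5):                      # inv ^ rotl(inv, 1..4)
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        sbox[x] = s ^ 0x63
    return sbox


SBOX = _build_sbox()


def next_round_key(prev: bytes, rnd: int) -> bytes:
    """Compute AES-128 round key `rnd` (1..10) from round key `rnd - 1`."""
    w = [list(prev[i:i + 4]) for i in range(0, 16, 4)]
    t = [SBOX[b] for b in w[3][1:] + w[3][:1]]     # RotWord + SubWord
    t[0] ^= RCON[rnd - 1]
    out = []
    for k in range(4):                             # w[k] ^= previous word
        t = [a ^ b for a, b in zip(w[k], t)]
        out.append(t)
    return bytes(b for word in out for b in word)


def expand_key_128(key: bytes) -> bytes:
    """Full 176-byte AES-128 key schedule, built round by round."""
    schedule = bytes(key)
    for rnd in range(1, ROUNDS_128 + 1):
        schedule += next_round_key(schedule[-16:], rnd)
    return schedule


def xor_count(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length byte strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def scan_for_aes128_keys(dump: bytes, threshold: int) -> list:
    """Slide a 176-byte window over the dump. The first 16 bytes are the
    candidate key; each following round key is recomputed from the
    *observed* previous round (so one decayed bit only hurts locally) and
    the differing bits are summed. The scan aborts once the sum exceeds
    the threshold, which is what makes that value so decisive.
    Returns (offset, candidate_key, xor_count) for every accepted offset."""
    hits = []
    for off in range(len(dump) - SCHEDULE_LEN_128 + 1):
        count = 0
        for rnd in range(1, ROUNDS_128 + 1):
            prev = dump[off + (rnd - 1) * 16: off + rnd * 16]
            observed = dump[off + rnd * 16: off + (rnd + 1) * 16]
            count += xor_count(next_round_key(prev, rnd), observed)
            if count > threshold:
                break
        else:
            hits.append((off, dump[off:off + 16], count))
    return hits


# Constructed sample: the FIPS-197 example key, its schedule planted at offset
# 100 inside 400 bytes of seeded pseudo-random filler, with one bit flipped in
# byte 0 of round keys 2 and 5 to mimic memory decay (5 xor-count bits each).
KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")


def build_sample_dump(offset: int = 100, total: int = 400, seed: int = 1234) -> bytes:
    rng = random.Random(seed)
    dump = bytearray(rng.getrandbits(8) for _ in range(total))
    schedule = bytearray(expand_key_128(KEY))
    schedule[2 * 16] ^= 0x01
    schedule[5 * 16] ^= 0x80
    dump[offset:offset + SCHEDULE_LEN_128] = schedule
    return bytes(dump)


SAMPLE_DUMP = build_sample_dump()

if __name__ == "__main__":
    for thr in (0, 9, 10, 50):
        print(f"threshold {thr:2d}: {scan_for_aes128_keys(SAMPLE_DUMP, thr)}")
```

Each planted flip costs five bits in this scheme: one when the decayed round key is compared against the value recomputed from its clean predecessor, and four more when the decayed key is itself used to recompute the next round. The sample is therefore found at a threshold of 10 and missed at 9, which shows why the threshold is a trade-off between tolerating decayed memory and admitting noise; raising it to a value such as the `-t 50` used in the tests above can mask a constant offset in the counts, but it also widens what the scanner is willing to accept.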