centos7+python3.11 Segmentation fault

Question

centos7+python3.11 Segmentation fault

yq9721 opened this issue 10 months ago · comments

Describe the bug
When we use python3.11 in centos7 to run sslyze, we got a "Segmentation fault".
When we use faulthandler module, it seems to be an error in nassl.

To Reproduce
Below is the test code:

import faulthandler
faulthandler.enable()
from sslyze import (
    ServerScanRequest,
    ServerNetworkLocation,
    ServerHostnameCouldNotBeResolved,
    ServerScanStatusEnum,
    ScanCommandAttemptStatusEnum,
    Scanner,
    ServerScanResult,
)

Then run the test code:

python311 xxx.py

The error is shown as below:

Fatal Python error: Segmentation fault

Current thread 0x00007fcb98c31740 (most recent call first):
  File "/data/pyvenv/security/lib/python3.11/site-packages/nassl/ssl_client.py", line 168 in _init_ssl_objects
  File "/data/pyvenv/security/lib/python3.11/site-packages/nassl/ssl_client.py", line 121 in __init__
  File "/data/pyvenv/security/lib/python3.11/site-packages/nassl/legacy_ssl_client.py", line 39 in __init__
  File "/data/pyvenv/security/lib/python3.11/site-packages/sslyze/plugins/openssl_cipher_suites/cipher_suites.py", line 575 in _parse_all_cipher_suites_with_legacy_openssl
  File "/data/pyvenv/security/lib/python3.11/site-packages/sslyze/plugins/openssl_cipher_suites/cipher_suites.py", line 590 in _parse_all_cipher_suites
  File "/data/pyvenv/security/lib/python3.11/site-packages/sslyze/plugins/openssl_cipher_suites/cipher_suites.py", line 649 in CipherSuitesRepository
  File "/data/pyvenv/security/lib/python3.11/site-packages/sslyze/plugins/openssl_cipher_suites/cipher_suites.py", line 647 in <module>
  File "<frozen importlib._bootstrap>", line 241 in _call_with_frames_removed
  File "<frozen importlib._bootstrap_external>", line 940 in exec_module
  File "<frozen importlib._bootstrap>", line 690 in _load_unlocked
  File "<frozen importlib._bootstrap>", line 1149 in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 1178 in _find_and_load
  File "/data/pyvenv/security/lib/python3.11/site-packages/sslyze/plugins/openssl_cipher_suites/_test_cipher_suite.py", line 13 in <module>
  File "<frozen importlib._bootstrap>", line 241 in _call_with_frames_removed
  File "<frozen importlib._bootstrap_external>", line 940 in exec_module
  File "<frozen importlib._bootstrap>", line 690 in _load_unlocked
  File "<frozen importlib._bootstrap>", line 1149 in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 1178 in _find_and_load
  File "/data/pyvenv/security/lib/python3.11/site-packages/sslyze/plugins/openssl_cipher_suites/_cli_connector.py", line 5 in <module>
  File "<frozen importlib._bootstrap>", line 241 in _call_with_frames_removed
  File "<frozen importlib._bootstrap_external>", line 940 in exec_module
  File "<frozen importlib._bootstrap>", line 690 in _load_unlocked
  File "<frozen importlib._bootstrap>", line 1149 in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 1178 in _find_and_load
  File "/data/pyvenv/security/lib/python3.11/site-packages/sslyze/plugins/openssl_cipher_suites/implementation.py", line 6 in <module>
  File "<frozen importlib._bootstrap>", line 241 in _call_with_frames_removed
  File "<frozen importlib._bootstrap_external>", line 940 in exec_module
  File "<frozen importlib._bootstrap>", line 690 in _load_unlocked
  File "<frozen importlib._bootstrap>", line 1149 in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 1178 in _find_and_load
  File "/data/pyvenv/security/lib/python3.11/site-packages/sslyze/plugins/scan_commands.py", line 14 in <module>
  File "<frozen importlib._bootstrap>", line 241 in _call_with_frames_removed
  File "<frozen importlib._bootstrap_external>", line 940 in exec_module
  File "<frozen importlib._bootstrap>", line 690 in _load_unlocked
  File "<frozen importlib._bootstrap>", line 1149 in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 1178 in _find_and_load
  File "/data/pyvenv/security/lib/python3.11/site-packages/sslyze/__init__.py", line 23 in <module>
  File "<frozen importlib._bootstrap>", line 241 in _call_with_frames_removed
  File "<frozen importlib._bootstrap_external>", line 940 in exec_module
  File "<frozen importlib._bootstrap>", line 690 in _load_unlocked
  File "<frozen importlib._bootstrap>", line 1149 in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 1178 in _find_and_load
  File "/data/application/security/ttt.py", line 3 in <module>

Extension modules: nassl._nassl, nassl._nassl_legacy, pydantic.typing, pydantic.errors, pydantic.version, pydantic.utils, pydantic.class_validators, pydantic.config, pydantic.color, pydantic.datetime_parse, pydantic.validators, pydantic.networks, pydantic.types, pydantic.json, pydantic.error_wrappers, pydantic.fields, pydantic.parse, pydantic.schema, pydantic.main, pydantic.dataclasses, pydantic.annotated_types, pydantic.decorator, pydantic.env_settings, pydantic.tools, pydantic, _cffi_backend (total: 26)
Segmentation fault

Python environment (please complete the following information):

OS: CentOS Linux release 7.5.1804 (Core)
Python version: 3.11.0

Additional context
No.

Alban Diquet · Answer 1 · Sun Sep 24 2023 14:51:39 GMT+0800 (China Standard Time)

Thanks for the bug report! Most likely the same issue as nabla-c0d3/nassl#95

Alban Diquet · Answer 2 · Sun Sep 24 2023 22:59:22 GMT+0800 (China Standard Time)

Fixed in v5.2.0.