[openssl-dev] [openssl.org #3648] BUG: Undefined behavior in easy_tls.c

noloader@gmail.com via RT rt at openssl.org
Tue Jan 13 19:41:53 UTC 2015


Around line 731 of demos/easy_tls/easy_tls.c:

    if (tls_dhe1024 == NULL) {
        int i;

        RAND_bytes((unsigned char *) &i, sizeof i);
        /* make sure that i is non-negative -- pick one of the provided
         * seeds */
        if (i < 0)
            i = -i;
        if (i < 0)
            i = 0;
        tls_set_dhe1024(i, apparg);
        if (tls_dhe1024 == NULL)
            goto err_return;
    }

In a correct program, the assumption behind these tests does not hold. I think some of
it could be optimized away (http://www.airs.com/blog/archives/120):

        if (i < 0)
            i = -i;
        if (i < 0)
            i = 0;

Perhaps the test should be something like:

    if (i < 0 && i != INT_MIN)
        i = -i;
    else if (i == INT_MIN)
        i = 0;

Or perhaps more tersely:

    if (i < 0)
        i = (int)((unsigned int)i >> 1);

Or:

    if (i < 0)
        i = (int)((unsigned int)i % INT_MAX);

I think the last is most portable, but I'm not sure how it affects a
uniform distribution.
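The three proposed replacements side by side, as an added example that is not part of the report or of easy_tls.c: each is wrapped in a function and checked at the boundary values, with its effect on the output distribution noted in the comments (assumes a two's complement int; the function names are mine).

```c
#include <limits.h>
#include <stdio.h>

/* Variant 1: negate only when that cannot overflow, send INT_MIN to 0.
 * Every output in [0, INT_MAX] has exactly two preimages: uniform. */
int nonneg_negate(int i)
{
    if (i < 0 && i != INT_MIN)
        i = -i;
    else if (i == INT_MIN)
        i = 0;
    return i;
}

/* Variant 2: unsigned shift, always defined, but every negative input lands
 * in [INT_MAX/2 + 1, INT_MAX], making that half three times as likely. */
int nonneg_shift(int i)
{
    if (i < 0)
        i = (int)((unsigned int)i >> 1);
    return i;
}

/* Variant 3: unsigned reduction modulo INT_MAX.  Over all inputs, 1 gets
 * three preimages, INT_MAX one, everything else two: nearly uniform. */
int nonneg_mod(int i)
{
    if (i < 0)
        i = (int)((unsigned int)i % INT_MAX);
    return i;
}

/* Returns 1 if fn stays non-negative on every boundary input. */
int edges_nonneg(int (*fn)(int))
{
    const int edges[] = { INT_MIN, INT_MIN + 1, -2, -1, 0, 1, INT_MAX };
    size_t k;
    for (k = 0; k < sizeof edges / sizeof edges[0]; k++)
        if (fn(edges[k]) < 0)
            return 0;
    return 1;
}

int main(void)
{
    printf("negate=%d shift=%d mod=%d\n", edges_nonneg(nonneg_negate),
           edges_nonneg(nonneg_shift), edges_nonneg(nonneg_mod));
    return 0;
}
```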
