[openssl-dev] Question about valgrind error in DH in 1.0.2
Andy Polyakov
appro at openssl.org
Tue May 19 07:49:52 UTC 2015
> Changing the movzwl to movzbl in bn_get_bits5 eliminates the valgrind
> error. But this isn't a valid fix since bn_get_bits5 no longer returns
> the correct data. My assembly skills are near nil. Maybe someone else
> can propose a valid fix.
>
> Having said this, this does show the problem appears to be due to the
> movzwl reading past the end of the buffer by a byte.
Correct.
> Given the data
> allocated on the heap is likely surrounded by guard bytes, this is
> likely a benign read outside the buffer.
Correct.
> But it should still be fixed.
Test attached.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mont5.diff
Type: text/x-patch
Size: 571 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150519/07361dd2/attachment.bin>
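The over-read discussed in this message, as an added C example that is not part of the original post and is not OpenSSL's code or the attached patch: a 5-bit window fetched with a 2-byte load touches one byte past the buffer when the window starts in the last byte, while a bounded variant reads the second byte only when the window crosses into it. All function names are hypothetical, and little-endian bit numbering within the byte buffer is an assumption.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical helper: how many bytes a 2-byte load at the window's byte
 * offset reads beyond a buffer of `len` bytes (0 means fully in bounds). */
size_t load16_overread(size_t len, size_t bitoff)
{
    size_t end = bitoff / 8 + 2;      /* one past the last byte touched */
    return end > len ? end - len : 0;
}

/* 2-byte-load form of the window fetch (the pattern the thread describes).
 * The caller must guarantee load16_overread(len, bitoff) == 0. */
unsigned get_bits5_load16(const uint8_t *buf, size_t bitoff)
{
    size_t byte = bitoff / 8;
    unsigned v = buf[byte] | ((unsigned)buf[byte + 1] << 8);
    return (v >> (bitoff % 8)) & 31;
}

/* Bounded form: the 5-bit window spills into the next byte only when it
 * starts above bit 3, so the second byte is fetched only in that case
 * and only if it lies inside the buffer. */
unsigned get_bits5_bounded(const uint8_t *buf, size_t len, size_t bitoff)
{
    size_t byte = bitoff / 8;
    unsigned shift = (unsigned)(bitoff % 8);
    unsigned v;

    if (byte >= len)
        return 0;                     /* window starts outside the buffer */
    v = buf[byte];
    if (shift > 3 && byte + 1 < len)
        v |= (unsigned)buf[byte + 1] << 8;
    return (v >> shift) & 31;
}
```

For every window that lies inside the buffer (bitoff + 5 <= 8 * len) the bounded form returns the same value as the 2-byte load without touching the byte after the buffer.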