[openssl-dev] [BUG] Data race in md_rand.c functions
Dmitry Sobinov
dmitry at addlive.com
Sat Nov 7 05:08:41 UTC 2015
It's set by boost::asio lazily on first use which happens early in the app
lifetime (before any use of DTLS).
On Sat, Nov 7, 2015 at 1:31 AM, Short, Todd <tshort at akamai.com> wrote:
> Do you set any of the locking functions and/or do you configure with
> no-locking?
>
> CRYPTO_set_locking_callback()
> CRYPTO_set_add_lock_callback()
>
> see: https://www.openssl.org/docs/manmaster/crypto/threads.html
>
>
> --
> -Todd Short
> // tshort at akamai.com
> // "One if by land, two if by sea, three if by the Internet."
>
> On Nov 5, 2015, at 8:42 PM, Dmitry Sobinov <dmitry at addlive.com> wrote:
>
> We use OpenSSL for DTLS and for general random numbers generation. While
> checking our app with Clang Thread Sanitizer, we discovered following data
> race:
>
> WARNING: ThreadSanitizer: data race (pid=20055)
> Read of size 4 at 0x7f14adbb7f98 by thread T18:
> #0 ssleay_rand_add
> /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/md_rand.c:220
> (test_client+0x000000dd242a)
> #1 RAND_add
> /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/rand_lib.c:152
> (test_client+0x000000c795be)
> #2 dtls1_connect
> /home/dmitry.sobinov/builds/openssl-1.0.2d/ssl/d1_clnt.c:174
> (test_client+0x000000f4850a)
> #3 SSL_do_handshake
> /home/dmitry.sobinov/builds/openssl-1.0.2d/ssl/ssl_lib.c:2768
> (test_client+0x000000f701ec)
> #4 DtlsSrtpTransport::handshakeIteration()
> /home/dmitry.sobinov/__/src/DtlsSrtpTransport.cpp:328
> (test_client+0x00000079ef88)
>
> Previous write of size 4 at 0x7f14adbb7f98 by thread T41 (mutexes: write
> M869):
> #0 ssleay_rand_bytes
> /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/md_rand.c:392
> (test_client+0x000000dd2e1f)
> #1 ssleay_rand_nopseudo_bytes
> /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/md_rand.c:536
> (test_client+0x000000dd22cb)
> #2 RAND_bytes
> /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/rand_lib.c:159
> (test_client+0x000000c7965a)
> #3 utils::generateRandomBytes(unsigned char*, unsigned long)
> /home/dmitry.sobinov/__/src/OpenSSLHelpers.cpp:45
> (test_client+0x00000078a697)
> #4 unsigned short utils::random<unsigned short>()
> /home/dmitry.sobinov/__/include/utils/OpenSSLHelpers.h:42
> (test_client+0x0000005a4bff)
>
>
> Static global variable crypto_lock_rand is not protected by mutex or set
> as atomic. AFAIK it's undefined behaviour in c/c++.
> OpenSSL was built with TSan instrumentation.
>
>
> Thanks,
> Dmitry Sobinov
>
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>
>
>
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>
>
--
---
Dmitry Sobinov
AddLive.com
Live video and voice for your application
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151107/54b4b457/attachment-0001.html>
More information about the openssl-dev
mailing list