[openssl-dev] [openssl.org #4127] [BUG] Data race in md_rand.c functions
Dmitry Sobinov via RT
rt at openssl.org
Sun Nov 8 11:37:56 UTC 2015
We use OpenSSL for DTLS and for general random numbers generation. While
checking our app with Clang Thread Sanitizer, we discovered following data
race:
WARNING: ThreadSanitizer: data race (pid=20055)
Read of size 4 at 0x7f14adbb7f98 by thread T18:
#0 ssleay_rand_add
/home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/md_rand.c:220
(test_client+0x000000dd242a)
#1 RAND_add
/home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/rand_lib.c:152
(test_client+0x000000c795be)
#2 dtls1_connect
/home/dmitry.sobinov/builds/openssl-1.0.2d/ssl/d1_clnt.c:174
(test_client+0x000000f4850a)
#3 SSL_do_handshake
/home/dmitry.sobinov/builds/openssl-1.0.2d/ssl/ssl_lib.c:2768
(test_client+0x000000f701ec)
#4 DtlsSrtpTransport::handshakeIteration()
/home/dmitry.sobinov/__/src/DtlsSrtpTransport.cpp:328
(test_client+0x00000079ef88)
Previous write of size 4 at 0x7f14adbb7f98 by thread T41 (mutexes: write
M869):
#0 ssleay_rand_bytes
/home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/md_rand.c:392
(test_client+0x000000dd2e1f)
#1 ssleay_rand_nopseudo_bytes
/home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/md_rand.c:536
(test_client+0x000000dd22cb)
#2 RAND_bytes
/home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/rand_lib.c:159
(test_client+0x000000c7965a)
#3 utils::generateRandomBytes(unsigned char*, unsigned long)
/home/dmitry.sobinov/__/src/OpenSSLHelpers.cpp:45
(test_client+0x00000078a697)
#4 unsigned short utils::random<unsigned short>()
/home/dmitry.sobinov/__/include/utils/OpenSSLHelpers.h:42
(test_client+0x0000005a4bff)
Static global variable crypto_lock_rand is not protected by mutex or set as
atomic. AFAIK it's undefined behaviour in c/c++.
OpenSSL was built with TSan instrumentation.
Thanks,
Dmitry Sobinov
-------------- next part --------------
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
More information about the openssl-dev
mailing list