[openssl-dev] [openssl.org #4100] Overlapping memcpy arguments in bn_add.c

Pascal Cuoq via RT rt at openssl.org
Mon Oct 19 15:55:09 UTC 2015 

Hello,

this is a follow-up to #3891 (https://mta.openssl.org/pipermail/openssl-dev/2015-June/001667.html ). Kurt Roeckx has committed many fixes to the bugs aggregated in that report. Since, we have been replaying the tests in a recent OpenSSL development version, posterior to these commits, to see what issues remained and re-submit them individually with more explanation. This means that #3891 can now be closed (grouping too many fixes in a same entry may not have been such a good idea after all).

First, an old problem for which detection was only implemented recently : the memcpy call in bn_add.c can be passed identical pointers, which are thus pointing to overlapping zones. The code has been so for a long time and someone would likely have noticed if this had practical consequences, but in principle, invoking memcpy to copy between overlapping memory zones is undefined behavior even if the overlap is exact.

This can be fixed locally as in the attached patch.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: bn_memcpy_overlap.patch
Type: application/octet-stream
Size: 370 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151019/01e414b7/attachment.obj>
-------------- next part --------------


One actual sequence for which the pointers ap and rp end up being identical is as follows:

1/ probable_prime_dh_safe calls BN_sub(q, q, t1)

2/ in BN_sub, r and a are then aliases

3/ BN_sub calls BN_usub(r, a, b) so r and a are still aliases in BN_usub

4/ in BN_usub, ap = a->d; and rp = r->d;
  then the 2 pointers can be incremented, but an identical number of times

5/ then memcpy is called with rp and ap that are still aliases, which is undefined behavior
-------------- next part --------------
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod

More information about the openssl-dev mailing list