[openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

Michel via RT rt at openssl.org
Sun Jul 31 22:18:10 UTC 2016


> I was able to trigger a crash simply by chaining an encrypt BIO with a
> memory BIO containing a large plaintext and then stream 100 bytes out of it
> at a time. BIO_read would consistently return 128 and, by the time the
> function returned, the stack was thoroughly clobbered.

I am surprised. I should have been [un-?]lucky for once.
FWIW, here is what I did:
I have some files containing about 10000 variable-length lines (range is
from about 60 to 260 bytes).
File size is about 900 Kb to 1.5 Mb.
Files can be cleartext or encrypted (in this case they can be optionally
base64 encoded).
So I have software that chains as follows:
File bio -> 
Base64 bio (opt) ->
Cipher bio (opt) ->
Memory bio.

For my test I read and wrote each case using 2 different ciphers: aes-128
and camellia-192.
Everything looks good: no crash, no data lost or damaged, no memory leak
and no stack overwritten.

I certainly misunderstand something, but I will be happy to test my
use case again if it can be of any help.

Regards,

Michel.


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4628
Please log in as guest with password guest if prompted


