[openssl-dev] [openssl.org #4545] Crash in crypto/rand/md_rand.c
Matt Caswell via RT
rt at openssl.org
Fri Jun 17 23:07:53 UTC 2016
On 17/06/16 20:56, Matt Caswell via RT wrote:
>
>
> On 17/06/16 19:43, Mick Saxton via RT wrote:
>> Perhaps we should consider if there are any negative consequences to my solution?
>> It does work.
>>
>> I am trying really hard to get contention but I am only seeing this problem in about 1 out of 100,000 successful TLSv1.2 connections
>> On a heavily congested network.
>> I require three machines to just to run the test that causes the failure.
>>
>> All we are trying to do is get a random number – surely getting a slightly less random number is better than crashing?
>> It could be that the problematic instances were going to disconnect anyway due to TCP/IP problems.
>>
>
> I think we need to try instrumenting the code to see if we can get some
> more information out. I will try and pull something together - but it
> might be Monday before I get the opportunity.
I got to it quicker than I thought. Please see attached patch. Can you
apply it to the latest git 1.0.2 version and re-run your test (capture
stderr output). I'd like to see what we get.
Also is this 32-bit or 64-bit Windows? Are you able to share your
locking callback implementation?
Thanks
Matt
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4545
Please log in as guest with password guest if prompted
-------------- next part --------------
A non-text attachment was scrubbed...
Name: md-rand-instrument.patch
Type: text/x-patch
Size: 2381 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160617/ab51ee52/attachment-0001.bin>
More information about the openssl-dev
mailing list