[openssl-dev] [openssl.org #4545] Crash in crypto/rand/md_rand.c

Dmitry Belyavsky beldmit at gmail.com
Fri May 27 09:44:02 UTC 2016 

Hello,

I can confirm that I have seen a similar behavior in multi-thread
environment. Unfortunately, I do not have a script to reproduce it either.

On Fri, May 20, 2016 at 6:49 PM, Mick Saxton via RT <rt at openssl.org> wrote:

> Hi
>
> Before going any further I would like to state that I have only seen this
> problem when we have 10000 or more concurrent connections.
>
> Mostly we notice it on Windows but I have seen it on linux (Ubuntu).
>
> I first noticed it when using v1.0.2d but have seen it again since
> upgrading to v1.0.2h.
>
> It can happen in one of two places and results in a call to MD_Update with
> a negative value.
>
> I have come up with a temporary fix which avoids the possibility of
> crashing at the expense of some randomness.
> The system is very highly stressed at this point so debugging further is
> difficult.
>
> The fix I am using is probably not what you eventually will want to
> implement but it does improve stability.
>
> 273:            MD_Update(&m, &(state[st_idx]), (j - k) );
> Change to
> 273:            MD_Update(&m, &(state[st_idx]), (j - k) > 0 ? j - k : 1);
> // micks at 1e.com (j -k) must not be negative
>
> And
>
> 495:            MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k )
> Change to
> 495:            MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k >
> 0 ? MD_DIGEST_LENGTH / 2 - k : 1);  // micks at 1e.com (j -k) must not be
> negative
>
>
> I do have a test program which can reproduce this behaviour.
>
> If I can be of further help - please contact me by email.
>
> Regards
> Mick Saxton
>
> ________________________________
>
>
> Legal Notice: This email is intended only for the person(s) to whom it is
> addressed. If you are not an intended recipient and have received this
> message in error, please notify the sender immediately by replying to this
> email or calling +44(0) 2083269015 (UK) or +1 866 592 4214 (USA). This
> email and any attachments may be privileged and/or confidential. The
> unauthorized use, disclosure, copying or printing of any information it
> contains is strictly prohibited. The opinions expressed in this email are
> those of the author and do not necessarily represent the views of 1E Ltd.
> Nothing in this email will operate to bind 1E to any order or other
> contract.
>
> --
> Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4545
> Please log in as guest with password guest if prompted
>
>
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>
>


-- 
SY, Dmitry Belyavsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160527/a4e6a8ca/attachment.html>

More information about the openssl-dev mailing list