[openssl-dev] [openssl.org #4545] Crash in crypto/rand/md_rand.c

Mick Saxton via RT rt at openssl.org
Fri May 27 10:07:17 UTC 2016 

Hi Matt

The test program runs against our major new development so I cannot share it as is.

I will try to produce a skeleton version which I could let you have.

-          But that will be end if next week as I am away for a few days

-          That is providing that exhibits the bug.

Mick


From: Matt Caswell via RT [mailto:rt at openssl.org]
Sent: 27 May 2016 10:46
To: Mick Saxton
Cc: openssl-dev at openssl.org
Subject: [openssl.org #4545] Crash in crypto/rand/md_rand.c

On Fri May 20 15:49:49 2016, micks at 1e.com<mailto:micks at 1e.com> wrote:
> Hi
>
> Before going any further I would like to state that I have only seen
> this problem when we have 10000 or more concurrent connections.
>
> Mostly we notice it on Windows but I have seen it on linux (Ubuntu).
>
> I first noticed it when using v1.0.2d but have seen it again since
> upgrading to v1.0.2h.
>
> It can happen in one of two places and results in a call to MD_Update
> with a negative value.
>
> I have come up with a temporary fix which avoids the possibility of
> crashing at the expense of some randomness.
> The system is very highly stressed at this point so debugging further
> is difficult.
>
> The fix I am using is probably not what you eventually will want to
> implement but it does improve stability.
>
> 273: MD_Update(&m, &(state[st_idx]), (j - k) );
> Change to
> 273: MD_Update(&m, &(state[st_idx]), (j - k) > 0 ? j - k :
> 1); // micks at 1e.com<mailto:micks at 1e.com> (j -k) must not be negative
>
> And
>
> 495: MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 -
> k )
> Change to
> 495: MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 -
> k > 0 ? MD_DIGEST_LENGTH / 2 - k : 1); // micks at 1e.com<mailto:micks at 1e.com> (j -k) must
> not be negative
>
>
> I do have a test program which can reproduce this behaviour.

Hi Mick

Are you able to share your test program?

Thanks

Matt

--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4545<http://rt.openssl.org/Ticket/Display.html?id=4545>
Please log in as guest with password guest if prompted

________________________________


Legal Notice: This email is intended only for the person(s) to whom it is addressed. If you are not an intended recipient and have received this message in error, please notify the sender immediately by replying to this email or calling +44(0) 2083269015 (UK) or +1 866 592 4214 (USA). This email and any attachments may be privileged and/or confidential. The unauthorized use, disclosure, copying or printing of any information it contains is strictly prohibited. The opinions expressed in this email are those of the author and do not necessarily represent the views of 1E Ltd. Nothing in this email will operate to bind 1E to any order or other contract.

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4545
Please log in as guest with password guest if prompted

More information about the openssl-dev mailing list