Package: libssl0.9.8 Version: 0.9.8g-15+lenny1 Severity: normal ==28427== Possible data race during read of size 1 at 0x55ef868 by thread #3 ==28427== at 0x52CFC41: OPENSSL_cleanse (mem_clr.c:67) ==28427== by 0x533647F: EVP_MD_CTX_cleanup (digest.c:322) ==28427== by 0x53367AF: EVP_DigestFinal (digest.c:221) ==28427== by 0x40F1C3: CDKIMVerify::GetResults() (dkimverify.cpp:460) ==28427== by 0x40378A: dkim_verify(int, char const*, int, unsigned char**, char***) (dkim-test.cpp:122) ==28427== by 0x403D06: do_work(void*) (dkim-test.cpp:359) ==28427== by 0x4C26ABF: mythread_wrapper (hg_intercepts.c:194) ==28427== by 0x4E2FFC6: start_thread (in /lib/libpthread-2.7.so) ==28427== by 0x5E8B5AC: clone (in /lib/libc-2.7.so) ==28427== This conflicts with a previous write of size 1 by thread #2 ==28427== at 0x52CFC80: OPENSSL_cleanse (mem_clr.c:76) ==28427== by 0x52CFBD4: CRYPTO_realloc_clean (mem.c:361) ==28427== by 0x5325A97: BUF_MEM_grow_clean (buffer.c:149) ==28427== by 0x53429E1: asn1_d2i_read_bio (a_d2i_fp.c:227) ==28427== by 0x5342C40: ASN1_d2i_bio (a_d2i_fp.c:93) ==28427== by 0x406A94: dk_end (domainkeys.c:1945) ==28427== by 0x406D22: dk_eom (domainkeys.c:1982) ==28427== by 0x4034CC: domainkeys_verify(int, char const*, int, unsigned char**, char***) (dkim-test.cpp:218)
The above is from running helgrind on my AMD64 system. cleanse_ctr is a global variable which is both read and written by OPENSSL_cleanse() without locking. It probably doesn't matter much as it's only used as a source of entropy for scrubbing memory prior to freeing it. Can we flag this variable to be skipped by helgrind checks? Also it would be good if the source could include a comment with a reference to the research showing the need for such memory scrubbing. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

