Good morning great OpenSSL developers!

Just a humble opinion on that problem. How about adding a normal memset to
be the last action that OPENSSL_cleanse() does? Would that make any kind of
sense or improvement? That way the compiler would have to make sure OpenSSL
can safely expect to find a NULL from a memset'ed pointer field? There may
or may not actually be NULL values, but that doesn't matter because
OPENSSL_cleanse() has already put some random data in there. ...Or is this
too simple an idea to ever work? :-)

        T: VW


-----Original Message-----
From: Jeffrey Altman [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 09, 2002 7:04 AM
To: [EMAIL PROTECTED]
Subject: Concerns about the use of OPENSSL_cleanse()


I think we need to take a very close look at the situations when it is 
safe to replace memset(buf,0,sizeof(buf)) with 
OPENSSL_cleanse(buf,sizeof(buf)).  

It is clearly safe to make this replacement when the buffer is a stack 
allocation because no future use of the data can take place.  So there 
is no functional difference between a buffer filled with zeros and a 
buffer filled with garbage data.

However, this is not true for data structures that are located on the 
heap.  In many cases OpenSSL provides functions that allow a buffer to 
be reused:  XXX_init(), XXX_cleanup(), XXX_free().  This is true for 
several data structures.  By replacing memset() with OPENSSL_cleanse() 
in the XXX_cleanup() function we have a problem when the data structure 
contains pointers to additional heap allocations.  

One case that I found a problem with is:

. application allocates X509_STORE_CTX and initializes it with 
X509_STORE_CTX_init().  

. application calls X509_STORE_CTX_cleanup() which in turn calls 
OPENSSL_cleanse()

. application calls X509_STORE_CTX_free() which in turn calls 
X509_STORE_CTX_cleanup().

This results in an exception because the ex_data field is a struct that 
contains pointers to memory allocations.  Due to the OPENSSL_cleanse() 
call the pointer values are garbage non-NULL values.  An attempt is made 
to free the memory.  This causes an exception.

This is going to require careful examination to find all of the places 
where pointers need to be set to NULL after or during a cleanse operation.

- Jeff
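
A constructed C illustration of the cleanup/free sequence Jeff describes, and of the
repair both messages point at (putting pointer fields back into a known state after the
cleanse). This is added example code, not OpenSSL's: ctx_t, ex_data_t, cleanse(),
ctx_new(), ctx_cleanup_cleanse_only(), ctx_cleanup_then_reset() and ctx_free() are
hypothetical stand-ins for X509_STORE_CTX, its ex_data member, OPENSSL_cleanse(),
X509_STORE_CTX_init(), X509_STORE_CTX_cleanup() and X509_STORE_CTX_free(). The
stand-in cleanse() only guarantees what matters here, that every byte it writes is
non-zero, so a cleansed pointer field is never NULL.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a context that owns heap data through an
 * ex_data-like member. Not OpenSSL code. */
typedef struct {
    char **slots;   /* heap array of heap strings */
    int    nslots;
} ex_data_t;

typedef struct {
    unsigned char secret[32];   /* material the cleanse must destroy */
    ex_data_t     ex_data;      /* pointer-bearing field the cleanse garbles */
} ctx_t;

/* Stand-in for OPENSSL_cleanse(): writes changing bytes, every one forced
 * odd, so no pointer or length field can come out as NULL / 0. */
static void cleanse(void *p, size_t len)
{
    unsigned char *q = p;
    static unsigned char ctr = 0x5c;
    while (len--) {
        ctr = (unsigned char)(ctr * 5 + 3);
        *q++ = (unsigned char)(ctr | 1);
    }
}

static void ex_data_init(ex_data_t *ed, int n)
{
    ed->slots = calloc((size_t)n, sizeof *ed->slots);
    ed->nslots = n;
    for (int i = 0; i < n; i++) {
        ed->slots[i] = malloc(16);
        snprintf(ed->slots[i], 16, "slot-%d", i);
    }
}

/* Run a second time on a cleansed struct, this is the free() of garbage. */
static void ex_data_free(ex_data_t *ed)
{
    for (int i = 0; i < ed->nslots; i++)
        free(ed->slots[i]);
    free(ed->slots);
}

static ctx_t *ctx_new(int n)
{
    ctx_t *ctx = calloc(1, sizeof *ctx);
    memset(ctx->secret, 0x42, sizeof ctx->secret);  /* 0x42 is even: cleanse never writes it */
    ex_data_init(&ctx->ex_data, n);
    return ctx;
}

/* The problematic order: release heap data, cleanse the whole struct,
 * leave the pointer fields holding non-NULL garbage. */
static void ctx_cleanup_cleanse_only(ctx_t *ctx)
{
    ex_data_free(&ctx->ex_data);
    cleanse(ctx, sizeof *ctx);
}

/* The repair: after the cleanse, reset every pointer-bearing field so a
 * later cleanup (from ctx_free) sees NULL / 0 and does nothing harmful. */
static void ctx_cleanup_then_reset(ctx_t *ctx)
{
    ex_data_free(&ctx->ex_data);
    cleanse(ctx, sizeof *ctx);
    ctx->ex_data.slots = NULL;
    ctx->ex_data.nslots = 0;
}

/* Mirrors an XXX_free() that unconditionally calls XXX_cleanup() first. */
static void ctx_free(ctx_t *ctx, void (*cleanup)(ctx_t *))
{
    cleanup(ctx);
    free(ctx);
}

static int ctx_pointer_fields_clear(const ctx_t *ctx)
{
    return ctx->ex_data.slots == NULL && ctx->ex_data.nslots == 0;
}

static int ctx_secret_wiped(const ctx_t *ctx)
{
    for (size_t i = 0; i < sizeof ctx->secret; i++)
        if (ctx->secret[i] == 0x42) return 0;
    return 1;
}

/* 1 if cleanse-only cleanup leaves garbage in the pointer fields. */
static int demo_cleanse_only_leaves_garbage(void)
{
    ctx_t *ctx = ctx_new(3);
    ctx_cleanup_cleanse_only(ctx);
    int garbage = !ctx_pointer_fields_clear(ctx);
    free(ctx);   /* deliberately NOT a second cleanup: that would free garbage */
    return garbage;
}

/* 1 if cleanup followed by free (two cleanups in a row) completes with the
 * secret wiped and the pointer fields reset. */
static int demo_reset_survives_double_cleanup(void)
{
    ctx_t *ctx = ctx_new(3);
    ctx_cleanup_then_reset(ctx);
    int ok = ctx_pointer_fields_clear(ctx) && ctx_secret_wiped(ctx);
    ctx_free(ctx, ctx_cleanup_then_reset);   /* second cleanup: free(NULL), empty loop */
    return ok;
}

int main(void)
{
    printf("cleanse-only leaves garbage pointers: %d\n", demo_cleanse_only_leaves_garbage());
    printf("cleanse+reset survives double cleanup: %d\n", demo_reset_survives_double_cleanup());
    return 0;
}
```

One caveat on the "memset as the last action" variant: a memset(0) over exactly the bytes the cleanse just wrote turns the cleanse stores into dead stores, and a compiler that can see into both calls (inlining, whole-program optimisation) is allowed to drop them. Resetting the specific pointer and length fields, as ctx_cleanup_then_reset() does, keeps the cleanse intact and still gives the next cleanup NULL and 0 to act on.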



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]