According to the CVS history for the i586 AES assembler code (http://cvs.openssl.org/rlog?f=openssl/crypto/aes/asm/aes-586.pl), Andy Polyakov patched the AES_cbc_encrypt assembly to prevent memory debuggers such as valgrind from warning about invalid writes.

I've just come across the same issue on x86_64:
Invalid write of size 8
==14678==    at 0x52054F: AES_cbc_encrypt (aes-x86_64.s:910)
==14678==  Address 0x6042980 is not stack'd, malloc'd or (recently) free'd

and humbly suggest the attached 2-line patch to apply exactly the same fix to the 64-bit assembler.

This fixes any warnings about AES_cbc_encrypt for me.

Simon.
diff -u -r openssl-0.9.8j.orig/crypto/aes/asm/aes-x86_64.pl openssl-0.9.8j.patched/crypto/aes/asm/aes-x86_64.pl
--- openssl-0.9.8j.orig/crypto/aes/asm/aes-x86_64.pl	2008-12-27 13:34:30.000000000 +0000
+++ openssl-0.9.8j.patched/crypto/aes/asm/aes-x86_64.pl	2009-01-16 12:48:37.000000000 +0000
@@ -1181,12 +1181,12 @@
 .Lcbc_cleanup:
 	cmpl	\$0,$mark	# was the key schedule copied?
 	lea	$aes_key,%rdi
-	mov	$_rsp,%rsp
 	je	.Lcbc_exit
 		mov	\$240/8,%ecx
 		xor	%rax,%rax
 		.long	0x90AB48F3	# rep stosq
 .Lcbc_exit:
+	mov	$_rsp,%rsp
 	popfq
 	pop	%r15
 	pop	%r14
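
Review bot: the restore `mov $_rsp,%rsp` now sits after the `.Lcbc_exit:` label, so every branch to that label executes it, not only the fall-through from `.Lcbc_cleanup`. The hunk shows just the one `je .Lcbc_exit`; please confirm that no other path in the file reaches `.Lcbc_exit` having already restored %rsp or without $_rsp holding the saved pointer, since `popfq` and the `pop` sequence depend on it. The reorder itself looks safe across the `je`, because `mov` and `lea` leave the flags set by `cmpl` untouched. It would also help to put a comment on the moved line saying that %rsp is restored only after the `rep stosq` wipe of the 240-byte key schedule copy, so that a later cleanup does not move it back above the wipe and reintroduce the "Invalid write of size 8" report.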
