>>>>> On Mon, 02 Mar 2009 16:56:39 +0000, Tanguy Fautré said:

> We also suspected that the crashes could be caused by heap corruption done
> by our application. In order to disprove this, we enabled full CRT checks on
> memory allocation/deallocations; no error came up. On top of that, MSDN
> documentation states that Heap32Next detects heap corruptions.
>
> <Quote from MSDN>
> (Heap32Next) Returns TRUE if information about the next block in the heap
> has been copied to the buffer or FALSE otherwise. The GetLastError function
> returns ERROR_NO_MORE_FILES when no more objects in the heap exist and
> ERROR_INVALID_DATA if the heap appears to be corrupt or is modified during
> the walk in such a way that Heap32Next cannot continue.
> </Quote from MSDN>
>
> Two things caught our attention. First, the MSDN documentation of
> CreateToolhelp32Snapshot is inconsistent between WinCE and "regular"
> Windows. An extra remark appears in the WinCE documentation.
>
> <Quote from MSDN>
> Because the data captured by CreateToolhelp32Snapshot is static and the
> system is dynamic, use try-excepts around the APIs that access this data.
> </Quote from MSDN>

It could be genuinely different on WinCE. Making a snapshot might require
lots of memory, which is typically a limited resource on machines running
WinCE.

> The second thing is that the crashes in our application always occurred when
> the NVIDIA drivers were handling a wglMakeCurrent() from another thread (our
> application opens an OpenGL context while starting an SSL connection).
>
> Following the WinCE MSDN doc, we've protected the inner loop of the heap
> traversing with try/except blocks. Trials show this fixes the crashes (the
> debugger shows the access violation is caught, and the loop moves on to the
> next heap list).

On which version(s) of Windows did you observe the crash?

> See the attached source file for more information on the modifications we've
> made (just diff the file against OpenSSL 0.9.8j).
>
> Our current assessment is the following.
>
> - Either the MSDN documentation is incomplete, and
>   CreateToolhelp32Snapshot's snapshots are not as safe as advertised (WinCE
>   doc tends to hint that way). In which case try/exception blocks are
>   mandatory.

I'm not an OpenSSL developer, but it seems somewhat dangerous to me. If it
can crash without a good explanation, then can other failure cases be ruled
out, such as infinite loops?

It might be interesting to see how often ERROR_INVALID_DATA is returned by
GetLastError after Heap32Next returns NULL, since these might be cases where
it avoided a crash.

__Martin
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
