On Fri, 2010-01-22 at 19:19 +0200, Martin Paljak wrote:
> Hello.
>
> It appears that in v1.0 something relating to OPENSSL_cleanse has
> changed. Most notably it crashes whenever len is zero. This was not
> the case with 0.9.8.
...
> The interesting thing here is that the implementation of mem_clr.c has
> not changed between 0.9.8(k) and 1.0.0-beta5.

It did not, and it is 0 byte length safe. The problem is with the assembler
implementations, which underflow with 0 byte length and overwrite memory.

> Is OPENSSL_cleanse supposed to be callable with zero length?

That's a question. I did a very quick overview of the calls to
OPENSSL_cleanse() in openssl and did not find anything suspicious at first
sight that would eventually call it with 0 bytes, but there are definitely
places that might need some deeper review.

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
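The failure mode discussed above (a clearing routine whose loop underflows on len == 0 and writes past the buffer) can be caught by a canary harness. The code below is an added illustration, not OpenSSL's source: cleanse_safe follows the pre-test-loop shape of the C mem_clr.c implementation, and check_cleanse wraps a payload in fill-pattern canaries so that any write outside the requested range, including the zero-length case, is detected.

```c
#include <stddef.h>
#include <string.h>

/* Zero-length-safe clearing routine in the style of the C mem_clr.c:
 * a pre-test loop runs zero times for len == 0, and the volatile pointer
 * keeps the compiler from dropping the stores as dead. Added illustration,
 * not OpenSSL's own code. */
void cleanse_safe(void *ptr, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)ptr;
    while (len--)
        *p++ = 0;
}

#define CANARY_LEN 16
#define PAYLOAD_MAX 64

/* Harness: surround a payload with 0xA5 canaries, ask the cleanse function
 * to clear exactly `len` payload bytes, and return 1 only if those bytes
 * are zero and nothing else changed. A routine whose counter underflows on
 * len == 0 would run past the trailing canary (and likely crash), so it
 * cannot pass this check. */
int check_cleanse(void (*fn)(void *, size_t), size_t len)
{
    unsigned char buf[CANARY_LEN + PAYLOAD_MAX + CANARY_LEN];
    unsigned char *payload = buf + CANARY_LEN;
    size_t i;

    if (len > PAYLOAD_MAX)
        return 0;                          /* harness cannot host this size */
    memset(buf, 0xA5, sizeof buf);         /* canaries and payload non-zero */
    fn(payload, len);

    for (i = 0; i < CANARY_LEN; i++)
        if (buf[i] != 0xA5 || buf[CANARY_LEN + PAYLOAD_MAX + i] != 0xA5)
            return 0;                      /* wrote outside the payload */
    for (i = 0; i < len; i++)
        if (payload[i] != 0)
            return 0;                      /* requested bytes not cleared */
    for (i = len; i < PAYLOAD_MAX; i++)
        if (payload[i] != 0xA5)
            return 0;                      /* cleared more than requested */
    return 1;
}
```

Passing OPENSSL_cleanse itself as fn reproduces the report: the C implementation passes with len == 0, while an implementation that underflows does not.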