On Mon, May 9, 2011 at 9:15 PM, Michael Gale <[email protected]> wrote:

> I checked OpenSSL 1.0.0d release and the same comment is there "does not
> happen". If it does not happen why is it being checked?


Might be more correctly stated as '/* _should_ not happen */' - see the
code: it's a basic sanity check to ensure the BIO_read() doesn't overrun the
rx buffer, which would cause arbitrary memory corruption if the BIO_read()
were allowed to do that. The error is keeping you from worse (and even
harder to debug) things happening to you.

It is unclear (assuming the stack trace you provided only lists the python
side of things) who invoked ssl3_read_n() and where the error originates: it
may either be an input argument error to ssl3_read_n(): ..., int n, int max,
... where n>max from the start of the function, or due to a 'max' fixup
inside ssl3_read_n() combined with yet unknown context conditions.

Incidentally, did you grep whether ssl3_read_n() is invoked directly from
the Python glue? (Just to be sure only the 'usual suspects' inside openSSL
itself may invoke ssl3_read_n(); it is marked as an internal-use-only
function, prototype sits in ssl_locl.h.)

I haven't seen this error before, but what might help you in improving
diagnosis, assuming you can build your own openSSL (+ python glue code ?),
is adding a bit of info to the error report plus activating the openssl
assertions in the build. Then you can add these lines (typed off the top of
my head, so reckon with the compiler yakking due to typos by me) to see
where the issue 'starts' within the function:

--snip-- Whole function below from s3_pkt.c

>  132         int i,off,newb;
>  133
>

    OPENSSL_assert(n <= max); /* turn on assertions in build to have this
                                 one fire on incorrect input */

alternative code, which might be more useful and doesn't require assertions
enabled to fire anyway when this 'should not happen' occasion happens
anyway:

        if (n > max) /* should not happen */
                {
                char errbuf[80];

                SSLerr(SSL_F_SSL3_READ_N,ERR_R_INTERNAL_ERROR);
                sprintf(errbuf, " @ start of ssl3_read_n: n = %d, max = %d", n, max);
                ERR_add_error_data(1, errbuf);
                return -1;
                }

The ERR_add_error_data() call accepts a series of strings which are appended
as extra data to the error report; very handy to transport debug info out of
openSSL. Note that it must be invoked AFTER the SSLerr() pushed the error on
the error stack.


>  134         if (!extend)
> [...]
>  165         {
>  166                 /* avoid buffer overflow */
>  167                 int max_max = s->s3->rbuf.len - s->packet_length;
>  168                 if (max > max_max)
>  169                         max = max_max;
>  170         }
>  171         if (n > max) /* does not happen */
>  172                 {
>

                char errbuf[120];  /* and here, it might be useful to have a look at the
                                      rbuf, as by now we 'know' this will only fire when
                                      max was reduced above */


>  173                 SSLerr(SSL_F_SSL3_READ_N,ERR_R_INTERNAL_ERROR);
>

                sprintf(errbuf, " @ line %d in ssl3_read_n: n = %d, max = %d, rbuf.len = %d, packet_length = %d",
                        __LINE__, n, max, (int)s->s3->rbuf.len, (int)s->packet_length);
                ERR_add_error_data(1, errbuf);


>  174                 return -1;
>  175                 }
>


-- 
Met vriendelijke groeten / Best regards,

Ger Hobbelt

--------------------------------------------------
web:    http://www.hobbelt.com/
        http://www.hebbut.net/
mail:   [email protected]
mobile: +31-6-11 120 978
--------------------------------------------------
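
Added example, not part of the message above and not OpenSSL code: a stand-alone C model of the two places where the n > max condition can originate (bad arguments on entry versus the 'avoid buffer overflow' fixup of max), with a bounded diagnostic string for each. The helper name check_read_n, the enum values and the sample inputs are assumptions made for illustration; rbuf_len and packet_length stand in for s->s3->rbuf.len and s->packet_length.

```c
#include <stdio.h>
#include <string.h>

enum read_n_check { READ_N_OK, READ_N_BAD_ARGS, READ_N_BAD_AFTER_CLAMP };

/* Hypothetical stand-alone model of the checks, not OpenSSL code.
 * rbuf_len / packet_length stand in for s->s3->rbuf.len / s->packet_length. */
static enum read_n_check check_read_n(int n, int max, int rbuf_len,
                                      int packet_length,
                                      char *errbuf, size_t errlen)
{
    int max_max;

    if (errlen > 0)
        errbuf[0] = '\0';
    if (n > max) {      /* bad input arguments, before any fixup */
        snprintf(errbuf, errlen, "@ start: n = %d, max = %d", n, max);
        return READ_N_BAD_ARGS;
    }
    max_max = rbuf_len - packet_length;  /* room left in the rx buffer */
    if (max > max_max)
        max = max_max;                   /* the 'avoid buffer overflow' fixup */
    if (n > max) {      /* only reachable because max was reduced above */
        snprintf(errbuf, errlen,
                 "@ after fixup: n = %d, max = %d, rbuf.len = %d, packet_length = %d",
                 n, max, rbuf_len, packet_length);
        return READ_N_BAD_AFTER_CLAMP;
    }
    return READ_N_OK;
}

int main(void)
{
    /* Constructed sample inputs: n, max, rbuf.len, packet_length */
    static const int cases[3][4] = {
        { 10, 5, 100, 0 }, { 50, 100, 64, 32 }, { 16, 100, 64, 32 } };
    char errbuf[120];
    int i;

    for (i = 0; i < 3; i++) {
        int rc = check_read_n(cases[i][0], cases[i][1], cases[i][2],
                              cases[i][3], errbuf, sizeof(errbuf));
        printf("case %d: rc = %d %s\n", i, rc, errbuf);
    }
    return 0;
}
```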
