Hi Before going any further I would like to state that I have only seen this problem when we have 10000 or more concurrent connections.
Mostly we notice it on Windows but I have seen it on linux (Ubuntu). I first noticed it when using v1.0.2d but have seen it again since upgrading to v1.0.2h. It can happen in one of two places and results in a call to MD_Update with a negative value. I have come up with a temporary fix which avoids the possibility of crashing at the expense of some randomness. The system is very highly stressed at this point so debugging further is difficult. The fix I am using is probably not what you eventually will want to implement but it does improve stability. 273: MD_Update(&m, &(state[st_idx]), (j - k) ); Change to 273: MD_Update(&m, &(state[st_idx]), (j - k) > 0 ? j - k : 1); // mi...@1e.com (j -k) must not be negative And 495: MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k ) Change to 495: MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k > 0 ? MD_DIGEST_LENGTH / 2 - k : 1); // mi...@1e.com (j -k) must not be negative I do have a test program which can reproduce this behaviour. If I can be of further help - please contact me by email. Regards Mick Saxton ________________________________ Legal Notice: This email is intended only for the person(s) to whom it is addressed. If you are not an intended recipient and have received this message in error, please notify the sender immediately by replying to this email or calling +44(0) 2083269015 (UK) or +1 866 592 4214 (USA). This email and any attachments may be privileged and/or confidential. The unauthorized use, disclosure, copying or printing of any information it contains is strictly prohibited. The opinions expressed in this email are those of the author and do not necessarily represent the views of 1E Ltd. Nothing in this email will operate to bind 1E to any order or other contract. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4545 Please log in as guest with password guest if prompted
crash.log
Description: Binary data
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
