Hello, I can confirm that I have seen a similar behavior in multi-thread environment. Unfortunately, I do not have a script to reproduce it either.
On Fri, May 20, 2016 at 6:49 PM, Mick Saxton via RT <r...@openssl.org> wrote: > Hi > > Before going any further I would like to state that I have only seen this > problem when we have 10000 or more concurrent connections. > > Mostly we notice it on Windows but I have seen it on linux (Ubuntu). > > I first noticed it when using v1.0.2d but have seen it again since > upgrading to v1.0.2h. > > It can happen in one of two places and results in a call to MD_Update with > a negative value. > > I have come up with a temporary fix which avoids the possibility of > crashing at the expense of some randomness. > The system is very highly stressed at this point so debugging further is > difficult. > > The fix I am using is probably not what you eventually will want to > implement but it does improve stability. > > 273: MD_Update(&m, &(state[st_idx]), (j - k) ); > Change to > 273: MD_Update(&m, &(state[st_idx]), (j - k) > 0 ? j - k : 1); > // mi...@1e.com (j -k) must not be negative > > And > > 495: MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k ) > Change to > 495: MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k > > 0 ? MD_DIGEST_LENGTH / 2 - k : 1); // mi...@1e.com (j -k) must not be > negative > > > I do have a test program which can reproduce this behaviour. > > If I can be of further help - please contact me by email. > > Regards > Mick Saxton > > ________________________________ > > > Legal Notice: This email is intended only for the person(s) to whom it is > addressed. If you are not an intended recipient and have received this > message in error, please notify the sender immediately by replying to this > email or calling +44(0) 2083269015 (UK) or +1 866 592 4214 (USA). This > email and any attachments may be privileged and/or confidential. The > unauthorized use, disclosure, copying or printing of any information it > contains is strictly prohibited. The opinions expressed in this email are > those of the author and do not necessarily represent the views of 1E Ltd. > Nothing in this email will operate to bind 1E to any order or other > contract. > > -- > Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4545 > Please log in as guest with password guest if prompted > > > -- > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > > -- SY, Dmitry Belyavsky
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
