Check that the parameters to this memcpy call are satisfactory (ie. pointers
to valid memory, and that the length doesn't extend into invalid memory).
If they aren't satisfactory then there is obviously a problem with the wr
structure. If the parameters are satisfactory, then perhaps memory has been
corrupted sometime earlier in the process.
If memory has been corrupted, it is most likely due to a buffer overrun, or
writing to memory with an invalid pointer. It is possible that such a
corruption could be caused by a bug in your own code, or caused by the
OpenSSL code due to the SSL or SSL_CTX structures containing invalid
pointers, etc.
If you have Purify, BoundsChecker, etc., use them to determine when/where
the memory corruption occurs. Otherwise, use Fortify
(http://www.geocities.com/SiliconValley/Horizon/8596/fortify.html) and
sprinkle some Fortify_CheckAllMemory() calls around to try to locate the
point of corruption.
Regards,
Steven
> -----Original Message-----
> From: Bill Browning [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, September 06, 2000 10:41 AM
> To: '[EMAIL PROTECTED]'
> Subject: memcpy failure in do_ssl3_write
>
> I'm getting a memcpy failure on line 594 of ssl\s3_pkt.c (openssl
> 0.9.5.a).It seems to only happen when I have several threads (5 +) in the
> same application. It always occurs on the write, I have never had any
> problems on a read. Further it always happens in the server side. I've
> included a snippet of code from my initialization of the server side that
> might be helpful in figuring this out - ie, did I make a stupid mistake in
> setting things up. If anyone has seen this or has suggestions on how to
> figure out why the memcpy fails when it *seems* to have a valid SSL_Record
> struct please let me know. Is there an easy way for me to enable more
> detailed debugging in the SSL library?
>
> Any help would be appreciated.
>
> Bill Browning
>
> ---- CODE SNIP ----
>
> Class variables:
>
> Class CSSLSocket{
>
> *** LOTS OF STUFF SNIPPED OUT ***
>
> static SSL_CTX *m_Ssl_ctx;
> SSL *m_Ssl;
> BIO *m_Ssl_bio;
> BIO *m_Out;
> static std::vector< std::pair<BIO *, SOCKET> >
> m_Open_SSLSockets;
> };
>
>
> Function:
>
> bool CSSLSocket::InitializeSSLServer()
> {
> //create a new context struct
> // we want to use SSL v.3 in server mode with fallback to
> // SSL v.2.
> if(m_Ssl_ctx == NULL)
> {
> m_Ssl_ctx = SSL_CTX_new(SSLv23_server_method());
> }
> if(m_Ssl_ctx == NULL)
> {
> printf("Failed to create new SSL context!\n");
> return false;
> }
> else
> {
> if(!
> SSL_CTX_use_certificate_file(m_Ssl_ctx,m_CertificateFile.ascii(),
> SSL_FILETYPE_PEM))
> {
> ERR_print_errors_fp(stdout);
> }
> //set the private key to use.
> if(!
> SSL_CTX_use_PrivateKey_file(m_Ssl_ctx,m_CertificateFile.ascii(),SSL_FILETY
> PE
> _PEM))
> {
> ERR_print_errors_fp(stdout);
> }
> //make sure the private key listed in the the PEM is okay.
> if(! SSL_CTX_check_private_key(m_Ssl_ctx))
> {
> ERR_print_errors_fp(stdout);
> }
> SSL_CTX_set_cipher_list(m_Ssl_ctx, m_EnabledCiphers.ascii());
>
> //set the statemachine.
> m_Ssl = SSL_new(m_Ssl_ctx);
> SSL_set_accept_state(m_Ssl);
> SSL_set_options(m_Ssl,SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER);
>
> //set up the server BIO
> m_Ssl_bio = BIO_new(BIO_f_ssl());
> BIO_set_ssl(m_Ssl_bio,m_Ssl, BIO_CLOSE);
> //start accepting connections on the desired socket
> m_Out = BIO_new_socket(m_hSocket, BIO_NOCLOSE );
> if(m_Out == NULL)
> {
> ERR_print_errors_fp(stdout);
> }
> BIO_set_close(m_Out,0); //do not close the socket, the underlying
> class can do that for us.
> m_Out = BIO_push(m_Ssl_bio, m_Out);
> }
>
> m_CryptorActive = true;
> pair< BIO *, SOCKET> item;
> item.first = m_Out;
> item.second = SocketHandle();
> CSynchro::ESYNCH_ERROR eError = CSynchro::SUCCESS;
> eError = m_csSSLSockets.Grab();
> assert(eError == CSynchro::SUCCESS);
> m_Open_SSLSockets.insert(m_Open_SSLSockets.end(),item);
> m_csSSLSockets.Release();
> _RPT1(_CRT_WARN, "\n\nCreating m_Out:%lx on socket: %lx\n\n",
> m_Out,m_hSocket);
>
> return true;
>
> }
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
