On Sep 17, 2012, at 3:25 PM, Fredrik Jansson wrote:

> Hi!
>
> I have found a crash in the DTLS code (OpenSSL 1.0.1c), unfortunately I don't
> have a way of reproducing it. This has happened to one client (of many) in a
> production environment, so it's not a common problem.
>
> The code that crashes is a DTLS client calling SSL_heartbeat.
>
> What is odd is the code at d1_pkt.c: 1460:
> OPENSSL_assert(0); /* XDTLS: want to see if we ever get here */
>
> I guess the answer is yes, sometimes you get here :)

I really would like to understand why... I see two possibilities:

1. There is a code path which results in hitting this.
2. Memory corruption.

>
> The callstack is:
>
> OpenSSLDie openssl-1.0.1c/crypto/cryptlib.c:918
> do_dtls1_write openssl-1.0.1c/ssl/d1_pkt.c:1460
> dtls1_write_bytes openssl-1.0.1c/ssl/d1_pkt.c:1442
> dtls1_heartbeat openssl-1.0.1c/ssl/d1_both.c:1575
> ssl3_ctrl openssl-1.0.1c/ssl/s3_lib.c:3334
> dtls1_ctrl openssl-1.0.1c/ssl/d1_lib.c:267
> SSL_ctrl openssl-1.0.1c/ssl/ssl_lib.c:1104

This only shows how we run into the condition, not what is causing it. Unfortunately.

>
> I will try my best to get more information about this.

It would be great to have a way to reproduce it.

>
> Best regards,
> Fredrik
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org