[openssl.org #1764] openssl-0.9.8i random generator bug
no response in years, assuming the diagnosis is right. closing this. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1764] openssl-0.9.8i random generator bug
[EMAIL PROTECTED] - Tue Oct 21 14:23:50 2008]: Hello rt, During stress testing my project, suddenly got crash inside openssl openssl version - openssl-0.9.8i compiler - Microsoft Visual Studio 2008 Professional Edition (C++ project) project - x64 debug compilation OS - Microsoft Windows XP x64 Edition Service Pack 2 usage example: __inline void Rand(unsigned char* pBuf, uintptr_t nSize) { RAND_pseudo_bytes(pBuf,int(nSize)); } __inline uintptr_t Rand(void) { uintptr_t nRet; Rand(reinterpret_castunsigned char*(nRet),sizeof(uintptr_t)); return nRet; } uintptr_t = Rand(); stress test: my code executing Rand() repeately in two threads with 100% loading of Dual Core CPU, in 100k-300k calls application crashes. no need to wait long :) crash: 0xc005 (ACCESS_VIOLATION) sha1_block_data_order d:\libraryes\openssl- 0.9.8i\crypto\sha\sha_locl.h (259) where is wrong: ssleay_rand_bytes d:\libraryes\openssl- 0.9.8i\crypto\rand\md_rand.c (474) crypto\rand\md_rand.c line 470: k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; --- something wrong around this line with this data I'm getting crash: st_idx = 1032 st_num = 1023 k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; // k == 19 // MD_DIGEST_LENGTH/2-k == -9 MD_Update(m,(state[st_idx]),MD_DIGEST_LENGTH/2-k); // with -9 it will crash I'm getting 100% crashes at each stress test. :( Hmm, that is odd. STATE_SIZE is 1024, so there must not be st_idx with a value larger than 1023. Upon call st_idx is set from state_index. As your application is using threads: have you made sure that proper locking functions are activated? A failure to properly lock the threads while updating st_idx and friends would explain a failure like this. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[openssl.org #1764] openssl-0.9.8i random generator bug
Hello rt, During stress testing my project, suddenly got crash inside openssl openssl version - openssl-0.9.8i compiler - Microsoft Visual Studio 2008 Professional Edition (C++ project) project - x64 debug compilation OS - Microsoft Windows XP x64 Edition Service Pack 2 usage example: __inline void Rand(unsigned char* pBuf, uintptr_t nSize) { RAND_pseudo_bytes(pBuf,int(nSize)); } __inline uintptr_t Rand(void) { uintptr_t nRet; Rand(reinterpret_castunsigned char*(nRet),sizeof(uintptr_t)); return nRet; } uintptr_t = Rand(); stress test: my code executing Rand() repeately in two threads with 100% loading of Dual Core CPU, in 100k-300k calls application crashes. no need to wait long :) crash: 0xc005 (ACCESS_VIOLATION) sha1_block_data_order d:\libraryes\openssl-0.9.8i\crypto\sha\sha_locl.h (259) where is wrong: ssleay_rand_bytes d:\libraryes\openssl-0.9.8i\crypto\rand\md_rand.c (474) crypto\rand\md_rand.c line 470: k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; --- something wrong around this line with this data I'm getting crash: st_idx = 1032 st_num = 1023 k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; // k == 19 // MD_DIGEST_LENGTH/2-k == -9 MD_Update(m,(state[st_idx]),MD_DIGEST_LENGTH/2-k); // with -9 it will crash I'm getting 100% crashes at each stress test. :( ps: sorry for my english -- Best regards, Osup mailto:[EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]