Patch applied in commit 56d88027f026afd97ddf4e501f98437ca9819bfb.
Many thanks.
Matt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
This has been fixed in commit a0bd649336 on master, and similar commits for
1.0.2 and 1.0.1.
Many thanks for your report.
Matt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi. I have an application that generates Diffie-Hellman key pairs based
on some precomputed primes.
In 1.0.1 (and earlier) this works just fine, while in 1.0.2 it gives
valgrind errors (while still working).
The error only occurs on x86_64, and it does not occur on 1024 bit DH.
I've attached
On 08/05/15 09:40, Matt Caswell wrote:
On 08/05/15 02:28, Jeffrey Altman wrote:
Regardless, the inability to improve the support in this area has left
the those organizations that rely upon 2712 with the choice of use
insecure protocols or re-implement the applications. I do not
Patch applied. Many thanks.
Matt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Upon further investigation, it looks like the problem is in your sample
code. You need to invoke CRYPTO_cleanup_all_ex_data() before
terminating your program.
On 05/13/2015 07:25 AM, Henrik Grindal Bakken wrote:
Hi. I have an application that generates Diffie-Hellman key pairs based
on some
If you add the --show-reachable option to valgrind, you can see where
the leaks originate. They appear to be in the ex_data code (see
below). As a side note, I see 416 bytes lost when using OpenSSL 1.0.1f
as well as 1.0.2a.
==18173== HEAP SUMMARY:
==18173== in use at exit: 416 bytes in 6
John Foley fol...@cisco.com writes:
If you add the --show-reachable option to valgrind, you can see where
the leaks originate. They appear to be in the ex_data code (see
below). As a side note, I see 416 bytes lost when using OpenSSL 1.0.1f
as well as 1.0.2a.
Ah, I forgot to mention. I'm
commit b6d3cb543c2e91aa6820cde637db55ad1cee525f
Author: Rich Salz rs...@akamai.com
Date: Mon May 4 07:52:27 2015 -0400
RT1369: don't do helpful access check.
Don't do access check on destination directory; it breaks when euid/egid
is different from real uid/gid.
Reviewed-by: Richard Levitte
OpenSSL version: 1.0.2a after applying the patch from
http://rt.openssl.org/Ticket/Display.html?user=guestpass=guestid=3464
OS: Windows (tested on Windows 2012 r2 64 bit and Windows 7 64 bit)
openssl s_client introduces 2 delays of 1 second when closing the connection,
clearly visible when
OpenSSL_0_9_8-stable 155ca14 Add NULL checks from master
OpenSSL_1_0_0-stable 690d040 Add NULL checks from master
OpenSSL_1_0_1-stable 76b49a8 Add NULL checks from master
OpenSSL_1_0_2-stable f34b095 Add NULL checks from master
commit f34b095fab1569d093b639bfcc9a77d6020148ff
Author: Rich Salz
Fixed in master. Note that existing code can use the EVP_CTRL_INIT ctrl
operation to initialise cipher_data.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe:
Changing the movzwl to movzbl in bn_get_bits5 eliminates the valgrind
error. But this isn't a valid fix since bn_get_bits5 no longer returns
the correct data. My assembly skills are near nil. Maybe someone else
can propose a valid fix.
Having said this, this does show the problem appears to
Hello,
Currently 'apps_shutdown()' in 'openssl.c' isn't freeing the compression
methods. This is causing the CRT debug heap (and I assume various other
tools) to indicate a memory leak. Though OS will free all the resources
when user-mode application exits, it's better to do this explicitly
Hello,
Original 'sizeof(ADDED_OBJ)' was replaced with 'sizeof(*ao)'. However,
they return different sizes. Therefore as the result heap gets corrupted
and at some point later debug version of malloc() detects the corruption.
Issue reproduces with either enabling CRT debug heap or Application
Could this be the issue your seeing? It was fixed in boringssl I think.
https://boringssl.googlesource.com/boringssl/+/bf681a40d6142edfa44a27dc0d6e07e0c37865a4
https://boringssl-review.googlesource.com/#/c/1393/
---
Kurt Cancemi
https://www.x64architecture.com
On Wed, May 13, 2015 at 1:19 PM,
16 matches
Mail list logo