On Sun, Oct 08, 2006, The Havenard wrote:

> Hi. I use OpenSSL in some of my applications and I noticed that sometimes
> (I could say less than 2% of the times I run it) it crashed without apparent
> reason, but lately it happened ALWAYS, without any changes on the program,
> which is very strange. So I decided to track this bug, and I "almost" found
> it... My program crashes when it calls SSL_connect(). I thought it was my
> code but tried hard to fix it and was completely unsuccessful. So I decided
> to start debugging the OpenSSL internals and started placing some hooks...
> I discovered where exactly the crash occurred:
>
> ssl\s3_pkt.c, ssl3_read_n(), line 215: "s->s3->rbuf.offset = off + n;"
> The crash occurs because s->s3 is NULL.
> It's not NULL when ssl3_read_n() is called. It becomes NULL when
> ssl3_read_n() calls BIO_read(), at line 198. I don't know exactly how
> OpenSSL works but I guess BIO_read() should not mess with the SSL
> structure, which is very strange too...
>
> More exactly, s->s3 becomes NULL at:
> crypto\bio\bio_lib.c, BIO_read(), line 166:
> "i=b->method->bread(b,out,outl);"
>
> And here is where I couldn't go ahead with my bug track, because I couldn't
> discover who is b->method->bread. The only function I found that matches this
> variable is never called in this process.
> But I discovered that when this function is called, SSL_free() is called
> too. Twice. (ssl\ssl_lib.c, SSL_free()) And SSL_free() is the one that sets
> s->s3 to NULL.
>
> I want to continue this bug track, because it's important to me to make
> OpenSSL work here again, but I need some help to discover which function is
> b->method->bread. I'd love to use the Windows Search but its "look inside"
> resource doesn't look inside of *.c files, and OpenSSL source looks
> confusing for me due to its excessive usage of macros.
>
> I tried a lot of different OpenSSL versions and all crashed. Some I
> compiled myself, and some binaries that I found on the Internet. All
> crashed.
>
> The same program with the same OpenSSL files works fine on other computers,
> which is making me crazy...
>
> I'd like to contribute to the OpenSSL Community with this aleatory crash
> solved, but I just need some help with this b->method->bread().
>
This is within a BIO_METHOD structure. This is an I/O abstraction which is used so lots of different I/O methods (fd, socket, FILE * etc) can use the same I/O at the BIO level.

Which function this calls depends on the BIO in question. Probably it is the socket function sock_read() in crypto/bio/bss_sock.c.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List
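The method-table dispatch described in the reply above, modelled in stand-alone C as an added example (not part of the original thread and not OpenSSL's own code). The `toy_*` types, functions, method names and sample data are hypothetical stand-ins for BIO_METHOD, BIO_read() and sock_read().

```c
/* Simplified model of BIO-style dispatch; every toy_* name is hypothetical. */
#include <stdio.h>
#include <string.h>

typedef struct toy_bio TOY_BIO;
typedef struct {
    const char *name;                               /* identifies the method */
    int (*bread)(TOY_BIO *b, char *out, int outl);  /* the read callback */
} TOY_BIO_METHOD;
struct toy_bio {
    const TOY_BIO_METHOD *method;
    const char *data;   /* constructed backing store standing in for a socket/file */
    int pos;
};

/* Copy up to min(outl, cap) unread bytes and advance the read position. */
static int toy_take(TOY_BIO *b, char *out, int outl, int cap) {
    int left = (int)strlen(b->data) - b->pos;
    int n = left < outl ? left : outl;
    if (n > cap) n = cap;
    if (n <= 0) return 0;
    memcpy(out, b->data + b->pos, (size_t)n);
    b->pos += n;
    return n;
}
/* Stand-in for a socket read: short reads of at most 4 bytes per call. */
static int toy_sock_read(TOY_BIO *b, char *out, int outl) { return toy_take(b, out, outl, 4); }
/* Stand-in for a memory-buffer read: returns everything that fits. */
static int toy_mem_read(TOY_BIO *b, char *out, int outl) { return toy_take(b, out, outl, outl); }

static const TOY_BIO_METHOD toy_sock_method = { "toy socket", toy_sock_read };
static const TOY_BIO_METHOD toy_mem_method  = { "toy memory", toy_mem_read };

/* Same shape as the quoted line "i=b->method->bread(b,out,outl);":
   one call site, target chosen by the object's method table. */
int toy_BIO_read(TOY_BIO *b, char *out, int outl) {
    if (b == NULL || b->method == NULL || b->method->bread == NULL) return -2;
    return b->method->bread(b, out, outl);
}
/* The field to inspect to learn which bread a given object will run. */
const char *toy_BIO_method_name(const TOY_BIO *b) {
    return (b && b->method) ? b->method->name : "(none)";
}

int main(void) {
    char buf[16];
    TOY_BIO s = { &toy_sock_method, "hello world", 0 };
    TOY_BIO m = { &toy_mem_method,  "hello world", 0 };
    printf("%s -> %d bytes\n", toy_BIO_method_name(&s), toy_BIO_read(&s, buf, (int)sizeof buf));
    printf("%s -> %d bytes\n", toy_BIO_method_name(&m), toy_BIO_read(&m, buf, (int)sizeof buf));
    return 0;
}
```

In a debugger stopped at the BIO_read() call site, printing `b->method->name` or the `b->method->bread` pointer answers the same question for the real structure.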
