Shobhit Gupta wrote:
> Hi,
>
> We were using OpenSSL in our product, but lately after testing on
> Vista, our application was crashing (only in Vista) in
> SSL_Connect(). (It worked fine in XP)
>
> After debugging through OpenSSL we found that within RAND_poll() it
> was crashing in a win32 api function snap(TH32CS_SNAPALL,0).
I would like to see a minidump with heap for an instance of an
application crashing in this circumstance.  I will require the source
code to the test application, the matching binary and symbols.
>
> With reference to the RAND_poll() issue described in
> http://www.mail-archive.com/openssl-dev@openssl.org/msg18900.html we
> came to know that RAND_poll() crash occurs especially during a
> multithreaded environment.
The purpose of the CreateToolhelp32Snapshot function is to permit
walking data structures that are constantly changing by creating a
read-only copy that will not change.  The returned HANDLE points to a
unique snapshot.  Walking the contents of the data structures in this
snapshot is thread safe. 
>
> Getting more info from an MSDN page
> http://msdn2.microsoft.com/en-us/library/ms682489.aspx we got to know
> that :
> TH32CS_SNAPALL copies process + thread information
> while
> TH32CS_SNAPPROCESS copies just the process information.
That is not the crucial item.  SNAPALL includes the HEAPLIST whereas
SNAPPROCESS by itself does not.
>
> So we tried changing from *snap(TH32CS_SNAPALL,0)* to
> *snap(TH32CS_SNAPPROCESS ,0)* And then it worked and did not crash.
The important question is "where is the crash?"  Is the crash occurring
within the CreateToolhelp32Snapshot function call?

If so, is your application running in an environment which does not
support COM (or in Vista perhaps WMI)? 
>
> Can anyone confirm if these changes are good (safe)?
Making the change reduces the amount of data that is obtained for use in
initializing the random number generator. 
> Has anyone else faced such RAND_poll() related crash before ?
Yes.
>
> Is there anyway I can bypass that RAND_poll() call (as described in
> the last paragraph of
> http://www.mail-archive.com/openssl-dev@openssl.org/msg18900.html).
Your application can call RAND_add() and provide an alternate source of
random data.  If there is sufficient random data available, RAND_poll()
will not be called.
>
> Thanks in advance,
> Regards,
> Shobhit Gupta
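
An added example (not part of the original thread and not OpenSSL's own code) of the approach in the reply above: draw seed bytes from the operating system's CSPRNG and pass them to RAND_add() before the first SSL_connect(). The names os_random and seed_openssl_prng, the SEED_BYTES value and the WITH_OPENSSL build flag are assumptions of this example; the /dev/urandom branch goes beyond the Windows case discussed so the helper also builds elsewhere.

```c
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>            /* link with advapi32 */
#endif
#ifdef WITH_OPENSSL              /* hypothetical flag: build with -DWITH_OPENSSL -lcrypto */
#include <openssl/crypto.h>
#include <openssl/rand.h>
#endif

#define SEED_BYTES 32            /* assumed seed size for this example */

/* Fill buf with n bytes from the operating system's CSPRNG.
   Returns 1 on success, 0 on any failure or short read. */
int os_random(unsigned char *buf, size_t n)
{
#ifdef _WIN32
    HCRYPTPROV prov;
    BOOL ok;
    /* CRYPT_VERIFYCONTEXT: no key container is needed to draw random bytes. */
    if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
        return 0;
    ok = CryptGenRandom(prov, (DWORD)n, buf);
    CryptReleaseContext(prov, 0);
    return ok ? 1 : 0;
#else
    FILE *f = fopen("/dev/urandom", "rb");
    size_t got;
    if (f == NULL)
        return 0;
    got = fread(buf, 1, n, f);
    fclose(f);
    return got == n;
#endif
}

#ifdef WITH_OPENSSL
/* Call once at start-up, before the first SSL_connect().
   Returns 1 if OpenSSL reports its PRNG as seeded, 0 otherwise. */
int seed_openssl_prng(void)
{
    unsigned char buf[SEED_BYTES];
    if (!os_random(buf, sizeof buf))
        return 0;                          /* fail closed: do not connect unseeded */
    /* The third argument is the entropy estimate, in bytes. */
    RAND_add(buf, (int)sizeof buf, (double)sizeof buf);
    OPENSSL_cleanse(buf, sizeof buf);      /* do not leave the seed on the stack */
    return RAND_status();
}
#endif
```

Treat a 0 return from seed_openssl_prng() as a start-up error rather than proceeding to the handshake.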
