Hello rt,
During stress testing my project, suddenly got crash inside openssl
openssl version - openssl-0.9.8i
compiler - Microsoft Visual Studio 2008 Professional Edition (C++ project)
project - x64 debug compilation
OS - Microsoft Windows XP x64 Edition Service Pack 2
usage example:
__inline void Rand(unsigned char* pBuf, uintptr_t nSize)
{
RAND_pseudo_bytes(pBuf,int(nSize));
}
__inline uintptr_t Rand(void)
{
uintptr_t nRet;
Rand(reinterpret_cast<unsigned char*>(&nRet),sizeof(uintptr_t));
return nRet;
}
uintptr_t = Rand();
stress test:
my code executing Rand() repeately in two threads with
100% loading of Dual Core CPU, in 100k-300k calls application
crashes. no need to wait long :)
crash:
0xc0000005 (ACCESS_VIOLATION)
sha1_block_data_order d:\libraryes\openssl-0.9.8i\crypto\sha\sha_locl.h (259)
where is wrong:
ssleay_rand_bytes d:\libraryes\openssl-0.9.8i\crypto\rand\md_rand.c (474)
crypto\rand\md_rand.c line 470:
k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; <------- something wrong around this
line
with this data I'm getting crash:
st_idx = 1032
st_num = 1023
k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; // k == 19
// MD_DIGEST_LENGTH/2-k == -9
MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k); // with -9 it will crash
I'm getting 100% crashes at each stress test. :(
ps: sorry for my english
--
Best regards,
Osup mailto:[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
