Hello.
It appears that in v1.0 something relating to OPENSSL_cleanse has changed. Most
notably it crashes whenever len is zero. This was not the case with 0.9.8.
Here is a small test program:
#include <stdio.h>
#include <stdlib.h>
#include <openssl/crypto.h>

int main(void)
{
    char *foo = malloc(1);
    if (!foo) {
        printf("malloc()\n");
        exit(1);
    }
    /* non-zero length: works on both 0.9.8 and 1.0.0 */
    OPENSSL_cleanse(foo, 1);
    printf("cleaned one byte\n");
    /* zero length: crashes on 1.0.0-beta4 */
    OPENSSL_cleanse(foo, 0);
    printf("cleaned zero bytes\n");
    free(foo);
    return 0;
}
With 0.9.8l it produces the expected two lines:
cleaned one byte
cleaned zero bytes
With 1.0.0-beta4 (under gdb):
cleaned one byte
Program received signal SIGSEGV, Segmentation fault.
0x0014bd6f in OPENSSL_cleanse () from /usr/lib/libcrypto.so.10
The interesting thing here is that the implementation of mem_clr.c has not
changed between 0.9.8(k) and 1.0.0-beta5.
Is OPENSSL_cleanse supposed to be callable with zero length?
Tried it on Ubuntu 9.10 with 0.9.8g and 1.0.0-beta4, OSX with 0.9.8l and Fedora
12 with 1.0.0-beta4.
Any hints?
--
Martin Paljak
http://martin.paljak.pri.ee
+3725156495
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
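The report above turns on a single edge case: a secure-wipe routine being called with a length of zero. The following is an added example (not OpenSSL's mem_clr.c and not code from the original post) of a hypothetical wipe function, safe_cleanse, written so that a zero length (and a NULL pointer with zero length) is a harmless no-op, together with a check that the bytes really are cleared. The function names, the volatile-pointer technique used to keep the compiler from eliding the stores, and the sentinel values are all assumptions of this example.

```c
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>

/* Hypothetical zero-length-safe wipe (added example, not OpenSSL's mem_clr.c).
 * Stores go through a volatile pointer so the compiler cannot drop them as
 * dead because the buffer is freed or never read afterwards. A len of 0 is a
 * no-op, and NULL with len 0 is accepted as well. */
void safe_cleanse(void *ptr, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)ptr;
    if (p == NULL || len == 0)
        return;
    while (len--)
        *p++ = 0;
}

/* Returns 1 if every byte in buf[0..len) is zero, 0 otherwise. */
int all_zero(const unsigned char *buf, size_t len)
{
    size_t i;
    for (i = 0; i < len; i++)
        if (buf[i] != 0)
            return 0;
    return 1;
}

/* Fills a heap buffer of n bytes with a constructed pattern, wipes it, and
 * returns 1 if the wipe cleared everything. Returns 0 on allocation failure
 * or if any byte survived. */
int wipe_pattern_check(size_t n)
{
    unsigned char *buf = malloc(n ? n : 1);
    size_t i;
    int ok;
    if (!buf)
        return 0;
    for (i = 0; i < n; i++)
        buf[i] = (unsigned char)(0x5A + i);   /* constructed sentinel bytes */
    safe_cleanse(buf, n);
    ok = all_zero(buf, n);
    free(buf);
    return ok;
}

/* Mirrors the original test program: wipe one byte, then zero bytes, on the
 * same one-byte heap buffer. Returns 1 if the byte is cleared and both calls
 * return normally, 0 on allocation failure. */
int cleanse_demo(void)
{
    unsigned char *foo = malloc(1);
    int ok;
    if (!foo)
        return 0;
    foo[0] = 0xAA;                 /* constructed sentinel value */
    safe_cleanse(foo, 1);
    ok = all_zero(foo, 1);
    safe_cleanse(foo, 0);          /* the edge case from the report: must be a no-op */
    safe_cleanse(NULL, 0);         /* also tolerated */
    free(foo);
    return ok;
}

int main(void)
{
    printf("%s\n", cleanse_demo() ? "cleaned one byte, then zero bytes"
                                  : "malloc() failed");
    return 0;
}
```

Whatever a particular OpenSSL release does, wrapping OPENSSL_cleanse in a caller-side guard of the same shape (skip the call when len is 0) is the cheapest way to keep code portable across 0.9.8 and 1.0.0 while the question in the post is being settled.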