{note: I'm not subscribed to any openssl-mailinglist, please
contact me directly if necessary}
Hi,
I used "openssl rand" to create random data blocks for filesystem
and disk testing and noticed that on a full filesystem openssl
rand does not return a non-zero exit status when the filesystem is
full.
If it cannot open the output file, the return status is 1, indicating
failure.
$ openssl rand -out /etc/cannotwrite 10 ; echo "$?"
5138:error:0200100D:system library:fopen:Permission
denied:bss_file.c:356:fopen('/etc/cannotwrite','w')
5138:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:358:
1
If the filesystem is full, the return status is 1, even though no
actual content has been written.
# openssl rand -out /mnt/fs_full 16 ; echo "$?"
0
# ls -l /mnt/fs_full
-rw-r--r-- 1 root root 0 Sep 12 12:44 /mnt/fs_full
The write() system call fails with ENOSPC:
# strace -e write openssl rand -out /mnt/fs_full 16
write(3, "\224jP\207U\205\236\4\241\356V\16\1q\35\303", 16) = -1 ENOSPC
(No space left on device)
If one looks at the sourcecode, then it's obvious that the return-code
of BIO_write() is not checked:
--- openssl-1.0.1c/apps/rand.c, Line 223
if (!hex)
BIO_write(out, buf, chunk);
else
{
for (i = 0; i < chunk; i++)
BIO_printf(out, "%02x", buf[i]);
}
I don't know the precise semantics of BIO_write, so I can only propose
that the return of BIO_write is checked against the expected return
and the program return code adapted to indicate failure once
an error has occured writing out the random bytes.
Greetings,
Chris
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
