> We have encountered a Segmentation Fault while trying to send a SSL
> packet via Oracle VM agent.
>
> The Segmentation Fault occurred when EVP_MD_CTX_copy() failed in tls1_mac().
> tls1_mac() doesn't check the return code of EVP_MD_CTX_copy() and keep
> going, which results in Segmentation Fault at EVP_DigestUpdate().
>
> The following change in tls1_mac() fixes the segfault issue.
>
> 1 Index: openssl/ssl/t1_enc.c
> 2
> ============================================================================
> 3 $ diff -ru ssl/t1_enc.c ssl/t1_enc.c
> 4 --- t1_enc.c.orig Tue Dec 10 15:36:05 2013
> 5 +++ t1_enc.c Wed Dec 11 09:29:02 2013
> 6 @@ -980,7 +980,10 @@
> 7 }
> 8 else
> 9 {
> 10 - EVP_MD_CTX_copy(&hmac,hash);
> 11 + if (EVP_MD_CTX_copy(&hmac,hash) != 1)
> 12 + {
> 13 + return (0);
> 14 + }
> 15 mac_ctx =&hmac;
> 16 }
> 17
The return value indicating error is -1 in this case.
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=03da57fe14f2de5bde9d4496a2ae9a4ae8879f88
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
