We're seeing intermittent failures in the AES key wrap test cases in
test/evp_test in the 1.0.2d release. We believe the problem is due to
using memcpy() with overlapping src/dst memory regions. The following
thread provides some insight into this memcpy() issue:
https://bugzilla.redhat.com/show_bug.cgi?id=638477
The documentation for memcpy() states to use memmove() when the memory
regions overlap. The attached patch resolves the problem. Please
consider accepting this patch in the 1.0.2 stable and master branches.
Thank you.
diff --git a/crypto/modes/wrap128.c b/crypto/modes/wrap128.c
index 9755cac..979b640 100644
--- a/crypto/modes/wrap128.c
+++ b/crypto/modes/wrap128.c
@@ -76,7 +76,7 @@ size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
return 0;
A = B;
t = 1;
- memcpy(out + 8, in, inlen);
+ memmove(out + 8, in, inlen);
if (!iv)
iv = default_iv;
@@ -113,7 +113,7 @@ size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
A = B;
t = 6 * (inlen >> 3);
memcpy(A, in, 8);
- memcpy(out, in + 8, inlen);
+ memmove(out, in + 8, inlen);
for (j = 0; j < 6; j++) {
R = out + inlen - 8;
for (i = 0; i < inlen; i += 8, t--, R -= 8) {
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
