Hello,

this is a follow-up to #3891 
(https://mta.openssl.org/pipermail/openssl-dev/2015-June/001667.html ). Kurt 
Roeckx has committed many fixes to the bugs aggregated in that report. Since then, 
we have been replaying the tests in a recent OpenSSL development version, 
posterior to these commits, to see what issues remained and re-submit them 
individually with more explanation. This means that #3891 can now be closed 
(grouping too many fixes in the same entry may not have been such a good idea 
after all).

First, an old problem for which detection was only implemented recently: the 
memcpy call in bn_add.c can be passed identical pointers, which are thus 
pointing to overlapping zones. The code has been this way for a long time and 
someone would likely have noticed if it had practical consequences, but in 
principle, invoking memcpy to copy between overlapping memory zones is undefined 
behavior even if the overlap is exact (memcpy's contract forbids any overlap; 
memmove is the routine that permits it).

This can be fixed locally as in the attached patch.


Attachment: bn_memcpy_overlap.patch


One actual sequence for which the pointers ap and rp end up being identical is 
as follows:

1/ probable_prime_dh_safe calls BN_sub(q, q, t1)

2/ in BN_sub, r and a are then aliases

3/ BN_sub calls BN_usub(r, a, b), so r and a are still aliases in BN_usub

4/ in BN_usub, ap = a->d; and rp = r->d; the two pointers are then incremented, 
but an identical number of times, so they remain equal

5/ memcpy is then called with rp and ap, which are still aliases; this is 
undefined behavior
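To make the aliasing path concrete, here is an added toy model of the BN_usub shape (not OpenSSL's code; limb arrays instead of BIGNUMs, and the names usub_toy/demo_aliased are my own): subtract the limbs that b covers, propagate the borrow, then copy a's untouched high limbs into r. With r == a, as in BN_sub(q, q, t1), that final copy would hand memcpy coinciding pointers, so the copy is skipped when they are equal.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef uint64_t limb;   /* little-endian limbs, index 0 is least significant */

/* r = a - b over unsigned limbs, requires na >= nb.
 * Returns 0 on success, -1 if a < b (a borrow is left over).
 * r may alias a, exactly the situation BN_sub(q, q, t1) creates. */
static int usub_toy(limb *r, const limb *a, size_t na, const limb *b, size_t nb)
{
    limb borrow = 0;
    size_t i;

    /* Limbs covered by both operands: plain subtract-with-borrow. */
    for (i = 0; i < nb; i++) {
        limb t = a[i] - b[i] - borrow;
        borrow = (a[i] < b[i]) || (a[i] == b[i] && borrow);
        r[i] = t;
    }
    /* Propagate an outstanding borrow into a's higher limbs. */
    for (; i < na && borrow; i++) {
        r[i] = a[i] - 1;
        borrow = (a[i] == 0);
    }
    /* Remaining high limbs of a are copied unchanged into r. This is the
     * memcpy from the report: when rp and ap coincide the source and
     * destination overlap exactly, which memcpy's contract forbids, so the
     * copy is skipped for identical pointers (memmove would also be valid). */
    if (i < na && r + i != a + i)
        memcpy(r + i, a + i, (na - i) * sizeof(limb));

    return borrow ? -1 : 0;
}

/* Replays the aliased call from the report on constructed values:
 * q = {5, 7, 9}, t1 = {6}, computed in place as q = q - t1.
 * Returns 1 when the result is the expected {2^64 - 1, 6, 9}. */
static int demo_aliased(void)
{
    limb q[3] = { 5, 7, 9 };
    limb t1[1] = { 6 };

    if (usub_toy(q, q, 3, t1, 1) != 0)
        return 0;
    return q[0] == UINT64_MAX && q[1] == 6 && q[2] == 9;
}
```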
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod