Hello,

valgrind is reporting an invalid read in RC4 (I am using a purified lib
on MacOS).

I am calling RC4 on a buffer whose length is not a multiple of 4 bytes, but it
seems like the code is always reading data in chunks of 4 bytes (at least
on MacOS).

In particular, the code in rc4_enc.c, around line 235, seems to be wrong:

231  if (len)
232          {
233          RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;
234
235          ichunk = *(RC4_CHUNK *)indata;
236          ochunk = *(RC4_CHUNK *)outdata;
237          otp = 0;
238          i   = 0;

If there are only 2 bytes left in the buffer, the *(RC4_CHUNK *)indata will
still access 4 bytes (RC4_CHUNK is a long on MacOS), causing the following
error in valgrind:

==20:08:55:44.231 45425== ERROR
==20:08:55:44.231 45425== 
==20:08:55:44.231 45425== Invalid read of size 4
==20:08:55:44.231 45425==    at 0x31AF82: RC4+1794 (in /usr/local/openssl/lib/libcrypto.0.9.8.dylib)
==20:08:55:44.231 45425==    by 0x7F0EFBE2: ???
==20:08:55:44.231 45425==  Address 0x1abdc08 is 113,880 bytes inside a block of size 113,882 alloc'd
==20:08:55:44.231 45425==    at 0x220DCA: malloc+211 (in vgpreload_memcheck.so)

Is this expected?

Thanks,
Julien

-- 
Julien Lerouge
PGP Key Id: 0xB1964A62
PGP Fingerprint: 392D 4BAD DB8B CE7F 4E5F FA3C 62DB 4AA7 B196 4A62
PGP Public Key from: keyserver.pgp.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
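
The tail-handling question raised in the message above, as an added example (not OpenSSL code and not part of the original post): a chunk-at-a-time loop whose final partial chunk is loaded and stored with a bounded memcpy, so no byte past the buffer is touched. The names chunk_t, tail_overread, xor_chunked and tail_demo are hypothetical, the XOR transform is a toy stand-in for RC4, and the input data is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef uint32_t chunk_t; /* assumption: stand-in for a 4-byte RC4_CHUNK */

/* Bytes a full-chunk load at the tail would read past a len-byte buffer. */
size_t tail_overread(size_t len)
{
    size_t rem = len % sizeof(chunk_t);
    return rem ? sizeof(chunk_t) - rem : 0;
}

/* XOR len bytes with a repeating keystream chunk (toy transform, not RC4).
   The tail is loaded and stored with memcpy of exactly the bytes left. */
void xor_chunked(const unsigned char *in, unsigned char *out, size_t len, chunk_t ks)
{
    chunk_t c;
    size_t off = 0;
    for (; len - off >= sizeof c; off += sizeof c) {
        memcpy(&c, in + off, sizeof c);
        c ^= ks;
        memcpy(out + off, &c, sizeof c);
    }
    if (off < len) {
        c = 0;
        memcpy(&c, in + off, len - off);  /* bounded load of the tail */
        c ^= ks;
        memcpy(out + off, &c, len - off); /* bounded store of the tail */
    }
}

/* Constructed check: 6-byte input, 2 guard bytes placed after the output.
   Returns 1 if output matches a byte-wise XOR and the guards are intact. */
int tail_demo(void)
{
    const unsigned char in[6] = { 'a', 'b', 'c', 'd', 'e', 'f' };
    unsigned char out[8] = { 0, 0, 0, 0, 0, 0, 0xAA, 0xAA };
    chunk_t ks = 0x01020304u;
    unsigned char k[sizeof ks];
    memcpy(k, &ks, sizeof ks);
    xor_chunked(in, out, sizeof in, ks);
    for (size_t i = 0; i < sizeof in; i++)
        if (out[i] != (unsigned char)(in[i] ^ k[i % sizeof ks])) return 0;
    return out[6] == 0xAA && out[7] == 0xAA;
}

int main(void) { return tail_demo() ? 0 : 1; }
```

For the 113,882-byte block in the valgrind report, tail_overread gives 2, matching a 4-byte read that starts 113,880 bytes into the block.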
