Hi, I am using the AES-CCM patch for Openssl with my code and am encountering some segmentation faults which are happening within the AES_CCM code. I was hoping you could help me sort out the problem.
Thanks in advance for your valuable time. I am using the AES-CCM patch given in ( http://marc.info/?l=openssl-dev&m=124340739803855 ) with OpenSSL Version- 1.0.0-beta2. On running the program, I get segmentation faults. The GDB backtrace for the faulting thread (the program is multi-threaded) is below #0 0xb80a0424 in __kernel_vsyscall () #1 0x0030ad10 in raise () from /lib/libc.so.6 #2 0x0030c621 in abort () from /lib/libc.so.6 #3 0x00342e5b in __libc_message () from /lib/libc.so.6 #4 0x0034ab16 in _int_free () from /lib/libc.so.6 #5 0x0034e030 in free () from /lib/libc.so.6 #6 0x00a0748a in CRYPTO_free () from /lib/libcrypto.so.6 #7 0x00a5f79e in EVP_CIPHER_CTX_free () from /lib/libcrypto.so.6 #8 0x08049ab4 in AES_CCM_Common () #9 0x08088620 in ?? () #10 0x00af5340 in STORE_object_type_string () from /lib/libcrypto.so.6 #11 0x080886b0 in ?? () #12 0x00000010 in ?? () #13 0x00000008 in ?? () #14 0xb5084224 in ?? () #15 0x000041f8 in ?? () #16 0x00000001 in ?? () #17 0x08088620 in ?? () #18 0x00000007 in ?? () #19 0x00345198 in _IO_new_file_overflow () from /lib/libc.so.6 Previous frame inner to this frame (corrupt stack?) The segmentation fault does not occur at every call to AES_CCM_Encrypt or AES_CCM_Decrypt. However, since I make more than a hundred calls within my code, it does occur every time I run my code. The surrounding variables in my code (input data vector, output vector etc.) do not seem to have allocation problems - For example, the segfaults are not encountered when I replace AES_CCM with a dummy function which returns the plaintext itself as ciphertext output with zeros appropriately appended for the tag. (Similarly, the dummy Decrypt returns the text without the final zeros). I am using a tag length of 4 bytes, 16 byte key. The data lengths are between 200 and 1000 bytes usually and I am not using any Additional Authentication data. To figure out the problem I wrote a short standalone test code to test AES CCM - I've attached this short code(ccm2.c). The test code runs without segfaulting, but valgrind on the test code shows the following entries : (Full valgrind output is attached in o1.txt : Excerpt below). ==14032== Invalid read of size 4 ==14032== at 0xA5F6F6: EVP_CIPHER_CTX_cleanup (in /lib/libcrypto.so.0.9.8b) ==14032== by 0x804910B: AES_CCM_Common (in /home/mukmadha/mm.out) ==14032== by 0x402314E: ??? ==14032== Address 0x4023418 is 0 bytes inside a block of size 140 free'd ==14032== at 0x4004FDA: free (vg_replace_malloc.c:233) ==14032== by 0xA07489: CRYPTO_free (in /lib/libcrypto.so.0.9.8b) ==14032== by 0xA5F79D: EVP_CIPHER_CTX_free (in /lib/libcrypto.so.0.9.8b) ==14032== by 0x8049103: AES_CCM_Common (in /home/mukmadha/mm.out) ==14032== by 0x402314E: ??? ==14032== Invalid write of size 1 ==14032== at 0x4006554: memset (mc_replace_strmem.c:479) ==14032== by 0xA5F75B: EVP_CIPHER_CTX_cleanup (in /lib/libcrypto.so.0.9.8b) ==14032== by 0x804910B: AES_CCM_Common (in /home/mukmadha/mm.out) ==14032== by 0x402314E: ??? ==14032== Address 0x4023418 is 0 bytes inside a block of size 140 free'd ==14032== at 0x4004FDA: free (vg_replace_malloc.c:233) ==14032== by 0xA07489: CRYPTO_free (in /lib/libcrypto.so.0.9.8b) ==14032== by 0xA5F79D: EVP_CIPHER_CTX_free (in /lib/libcrypto.so.0.9.8b) ==14032== by 0x8049103: AES_CCM_Common (in /home/mukmadha/mm.out) ==14032== by 0x402314E: ??? Incidentally Valgrind on my original code gives similar entries (Invalid reads in EVP_CIPHER_CTX_cleanup, mainly). I am wondering if the Invalid write from the test code's valgrind is an indication of a problem with the AES_CCM code and is causing bigger issues in my multi-threaded code even though it does not cause Segfaults in the test code. Or is it some kind of initialization trouble caused by improper initialization of AES_CCM functions? So far, Ive just used OPENSSL_add_all_algorithms_noconf() for initialization. Have you come across this or similar problems? Any pointers you could throw on this problem is appreciated. Thanks again for your time, Kavya A. -- View this message in context: http://old.nabble.com/Segmentation-faults-within-AES-CCM-patch-of-OpenSSL-Version--1.0.0-beta2-tp30705472p30705472.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org