Subject: [libssh2] #229: static const EVP_CIPHER * make_ctr_evp (size_t keylen) in openssl.c not threadsafe

[libssh2] #229: static const EVP_CIPHER * make_ctr_evp (size_t keylen) in openssl.c not threadsafe

From: libssh2 Trac <trac_at_libssh2.stuge.se>
Date: Tue, 27 Sep 2011 21:07:52 -0000

#229: static const EVP_CIPHER * make_ctr_evp (size_t keylen) in openssl.c
not threadsafe
----------------------+--------------------
Reporter: engstrom | Owner:
Type: defect | Status: new
Priority: normal | Milestone: 1.2.9
Component: API | Version: 1.3.0
Keywords: | Blocked By:
Blocks: |
----------------------+--------------------
make_ctr_evp() is calling memset on a static structure. With many (512+)
concurrent threads setting up ssh connections OpenSSL 0.9.8r is about to
use the static structure in one thread when another thread comes through
make_ctr_evp() and the structure is memset to 0. Before make_ctr_evp()
can set the appropriate structure members the thread currently calling
down into the OpenSSL 0.9.8r deferences a now null structure member
(maybe one of the function pointers?) and blows up.

-- 
Ticket URL: <http://trac.libssh2.org/ticket/229>
libssh2 <http://trac.libssh2.org/>
C library for writing portable SSH2 clients
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

Received on 2011-09-27

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]