Robert Relyea wrote, On 06/22/2010 01:54 AM:
> On 06/19/2010 01:43 PM, Mads Kiilerich wrote:
>> Hi
>>
>> I'm trying to port an application from OpenSSL to NSS. The biggest
>> problem right now is that valgrind reports that NSS accesses invalid
>> memory when using RC4. There is no problem with chunk sizes up to 8
>> and sizes divisible by 4, but for other sizes it accesses the source
>> and destination in chunks of 4 bytes.
>>
>> Do I do something wrong, or is it a bug or feature of NSS? Is this
>> behaviour documented somewhere?
>>
>> I'm using nss-3.12.6-7.fc13.i686
>>
>> /Mads
>
> IIRC you can ignore the read valgrind warnings in this case. The code is
> grabbing data a word at a time for efficiency reasons, then masking or
> shifting out the part that was read from uninitialized memory.

Yes, it works correctly, so I assume that it doesn't use the extra bytes. It is however not just reading uninitialized memory (which valgrind usually tracks correctly), but it reads unallocated memory. It is also interesting that it doesn't read beyond the bounds for small sizes, so it seems like there is some smart logic that doesn't work.

The example does, however, also show that it writes unallocated memory. That looks like a genuine buffer overflow which could have security implications?

/Mads
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
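
For reference, an added example (not NSS code and not written by either poster) of word-at-a-time RC4 processing that handles the 1-3 byte tail bytewise, so neither the source nor the destination is touched past `len`. The names `rc4_ctx`, `rc4_init`, `rc4_byte` and `rc4_crypt` are hypothetical, and the 9-byte input is constructed to hit the "not divisible by 4" case from the thread.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { uint8_t S[256]; uint8_t i, j; } rc4_ctx;

/* Standard RC4 key schedule. */
static void rc4_init(rc4_ctx *c, const uint8_t *key, size_t keylen) {
    uint8_t j = 0;
    for (int n = 0; n < 256; n++) c->S[n] = (uint8_t)n;
    for (int n = 0; n < 256; n++) {
        j = (uint8_t)(j + c->S[n] + key[(size_t)n % keylen]);
        uint8_t t = c->S[n]; c->S[n] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* Next keystream byte. */
static uint8_t rc4_byte(rc4_ctx *c) {
    c->i = (uint8_t)(c->i + 1);
    c->j = (uint8_t)(c->j + c->S[c->i]);
    uint8_t t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
    return c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
}

/* XOR len bytes. Whole words go 4 bytes at a time; the 1-3 byte tail goes
 * bytewise, so nothing outside in[0..len) and out[0..len) is touched. */
static void rc4_crypt(rc4_ctx *c, const uint8_t *in, uint8_t *out, size_t len) {
    size_t off = 0;
    for (; len - off >= 4; off += 4) {
        uint8_t ks[4]; uint32_t w, k;
        for (int n = 0; n < 4; n++) ks[n] = rc4_byte(c);
        memcpy(&w, in + off, 4);    /* alignment-safe word load */
        memcpy(&k, ks, 4);
        w ^= k;
        memcpy(out + off, &w, 4);   /* word store stays inside out[] */
    }
    for (; off < len; off++) out[off] = (uint8_t)(in[off] ^ rc4_byte(c));
}

int main(void) {   /* constructed 9-byte input followed by 4 guard bytes */
    uint8_t buf[13];
    rc4_ctx c;
    memset(buf, 0xA5, sizeof buf);
    memcpy(buf, "Plaintext", 9);
    rc4_init(&c, (const uint8_t *)"Key", 3);
    rc4_crypt(&c, buf, buf, 9);   /* in place; bytes 9..12 must stay A5 */
    for (int n = 0; n < 13; n++) printf("%02X", buf[n]);
    return 0;
}
```

Guard bytes only catch stray writes; running the same calls under valgrind or AddressSanitizer with heap buffers of exactly `len` bytes checks the read side as well.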
