@paulidale
Contributor

Alternative to #8603
Fixing the problem introduced in b3d113e using memset(3).

The underlying issue is that, on my machine, the size of data is 16 bytes, but the sizes of its two fields are 8 and 4 respectively. This leaves 4 bytes of padding. I don't think C guarantees to initialise this to zero in either of the assignment cases.

All of the data structure is added to the entropy pool (counting as zero entropy).
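
The padding problem described in the comment above, as an added example that is not part of the original pull request or of OpenSSL's code. The struct and its field names are hypothetical, and the 0xAA fill is a constructed stand-in for stale stack contents so the effect can be observed without reading uninitialised memory.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the PR's structure: an 8-byte and a 4-byte field. */
struct sample {
    uint64_t stamp;
    uint32_t id;
};

/* Bytes of the object that belong to no field (4 on a typical LP64 ABI). */
static size_t padding_size(void)
{
    return sizeof(struct sample) - sizeof(uint64_t) - sizeof(uint32_t);
}

/* True when byte offset i lies outside both fields, i.e. in padding. */
static int is_padding(size_t i)
{
    size_t a = offsetof(struct sample, stamp), b = offsetof(struct sample, id);
    return !(i >= a && i < a + sizeof(uint64_t))
        && !(i >= b && i < b + sizeof(uint32_t));
}

/* Fill the object with 0xAA (constructed stand-in for stale stack contents),
 * optionally zero it, assign both fields, then count padding bytes that still
 * hold the stale value. A consumer reading all sizeof(struct sample) bytes,
 * as the entropy pool does, would see those bytes. */
static size_t stale_padding(int zero_first)
{
    struct sample s;
    const unsigned char *p = (const unsigned char *)&s;
    size_t i, stale = 0;
    memset(&s, 0xAA, sizeof(s));
    if (zero_first)
        memset(&s, 0, sizeof(s));
    s.stamp = 1;
    s.id = 2;
    for (i = 0; i < sizeof(s); i++)
        stale += (size_t)(is_padding(i) && p[i] == 0xAA);
    return stale;
}

int main(void)
{
    printf("sizeof=%zu padding=%zu stale(fields only)=%zu stale(memset)=%zu\n",
           sizeof(struct sample), padding_size(), stale_padding(0), stale_padding(1));
    return 0;
}
```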

@paulidale paulidale added branch: master Applies to master branch approval: review pending This pull request needs review by a committer branch: 1.1.1 Applies to OpenSSL_1_1_1-stable branch (EOL) labels Mar 28, 2019
@paulidale
Contributor Author

I'm feeling guilty about making the breaking change...

@t-j-h t-j-h added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Mar 28, 2019
@paulidale
Contributor Author

Merged, thanks @t-j-h

@paulidale paulidale closed this Mar 29, 2019
@paulidale paulidale deleted the revert-b3d113e branch March 29, 2019 00:01
@paulidale paulidale mentioned this pull request Mar 29, 2019
levitte pushed a commit that referenced this pull request Mar 29, 2019
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from #8606)
@t8m
Member

t8m commented May 30, 2019

This was not cherry-picked to 1.1.1. I am going to do it.

levitte pushed a commit that referenced this pull request May 30, 2019
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from #8606)

(cherry picked from commit 711a161)
mrdeep1 added a commit to mrdeep1/libcoap that referenced this pull request Jun 25, 2019
Issue introduced by OpenSSL 1.1.1c causes valgrind errors to be reported.  See
https://www.mail-archive.com/openssl-commits@openssl.org/msg21701.html and
openssl/openssl#8606 which did not make 1.1.1c

scripts/build.sh:
tests/valgrind_suppression:

Temporarily suppress valgrind errors when SSL_CTS_New() is called when running
the tests.

Note: This suppression will also need to be applied when running valgrind
against other CoAP executables using OpenSSL 1.1.1c to prevent the valgrind
errors getting reported.
mrdeep1 added a commit to mrdeep1/libcoap that referenced this pull request Jun 25, 2019
Issue introduced by OpenSSL 1.1.1c causes valgrind errors to be reported.  See
https://www.mail-archive.com/openssl-commits@openssl.org/msg21701.html and
openssl/openssl#8606 which did not make 1.1.1c

scripts/build.sh:
tests/valgrind_suppression:

Temporarily suppress valgrind errors when SSL_CTS_new() is called when running
the tests.

Note: This suppression will also need to be applied when running valgrind
against other CoAP executables using OpenSSL 1.1.1c to prevent the valgrind
errors getting reported.
mrdeep1 added a commit to mrdeep1/libcoap that referenced this pull request Jun 25, 2019
Issue introduced by OpenSSL 1.1.1c causes valgrind errors to be reported.  See
https://www.mail-archive.com/openssl-commits@openssl.org/msg21701.html and
openssl/openssl#8606 which did not make 1.1.1c

scripts/build.sh:
tests/valgrind_suppression:

Temporarily suppress valgrind errors when SSL_CTS_new() is called when running
the tests.

Note: This suppression will also need to be applied when running valgrind
against other CoAP executables using OpenSSL 1.1.1c to prevent the valgrind
errors getting reported.

src/coap_openssl.c:

memset cookie_secret to 0 to stop valgrind warning.