[From nobody Sat Mar 21 13:39:08 2026 Received: (at 681612-done) by bugs.debian.org; 21 Mar 2026 13:36:27 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1-bugs.debian.org_2005_01_02 (2024-03-25) on buxtehude.debian.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=4.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HAS_BUG_NUMBER, RCVD_IN_DNSWL_MED,RCVD_IN_VALIDITY_CERTIFIED_BLOCKED, RCVD_IN_VALIDITY_RPBL_BLOCKED,RCVD_IN_VALIDITY_SAFE_BLOCKED, SPF_HELO_PASS,SPF_PASS autolearn=ham autolearn_force=no version=4.0.1-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 29; hammy, 113; neutral, 43; spammy, 1. spammytokens:0.942-+--H*r:bugs.debian.org hammytokens:0.000-+--manpage, 0.000-+--H*F:U*sebastian, 0.000-+--H*F:D*breakpoint.cc, 0.000-+--H*RU:sk:chamill, 0.000-+--H*r:sk:chamill Return-path: <sebastian@breakpoint.cc> Received: from chamillionaire.breakpoint.cc ([91.216.245.30]:36150) by buxtehude.debian.org with esmtps (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.96) (envelope-from <sebastian@breakpoint.cc>) id 1w3wV9-007W5h-0g for 681612-done@bugs.debian.org; Sat, 21 Mar 2026 13:36:27 +0000 Date: Sat, 21 Mar 2026 14:36:09 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=breakpoint.cc; s=2025; t=1774100171; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=bHmd6UA/oKORAHRiuEiI+J+GReQHRNPdZOhx3i1ZyKo=; b=eAth+6T9gyfR256v3/KaBGuDqTqhRPEGo8vUpkTOCI3z/oq+AN40kKxNjkhiOhOTf160Ao JgxwFZ8E1W/ZHZXwWdRR2RgNO4SNJjFAUQspdRRDrdJp9Uf60IjrUOlyZKb1IqPF0+jR2i kecdtlPf2ypDyZ8zQlD4sRkjZI+3HxEM2wU0B6v2DBLYYy0J8/NVKU0Mf+uk1YbPL60a7F mBUB5YH7GGMbUrESRpgQYryvHrNWZlNXg8RgzVeJtzk2hwmomszhVHfGXbOm9JGhhdaUZH DdkyOtqw5W8puCftkLoFFObhw0u6jT86lhgkGus0Xue8sU20j9HBDIfE/p+jvg== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=breakpoint.cc; s=2025e; t=1774100171; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=bHmd6UA/oKORAHRiuEiI+J+GReQHRNPdZOhx3i1ZyKo=; b=PhFWOWuOqXThJxhDE4Emt0STjq3cXtl3Jnmv0gGT8BJQHLEGzkJq/0SgOjNjyiGlUnCWwh M9XpqkJZGzdNueCQ== From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> To: Marc Lehmann <debian-reportbug@plan9.de>, 681612-done@bugs.debian.org Subject: Re: Bug#681612: libssl1.0.0: fishy reliance on errno when errno is not set Message-ID: <20260321133609.sYfQ1WeV@breakpoint.cc> References: <20120714183008.4181.29861.reportbug@cerebro.laendle> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20120714183008.4181.29861.reportbug@cerebro.laendle> On 2012-07-14 20:30:08 [+0200], Marc Lehmann wrote: > Hi! Hi, > Specifically, what tipped me of is this macro: > > #define clear_sys_error() errno=0 > > It is used a great number of times in openssl, so the problem I saw might > be endemic. The above macro cannot be of use in a POSIX (or GNU/Linux > program), except for very few functions that require it (none of which > openssl uses) or possibly to improve the debugging experience by having > errno 0 "more often" in the debugger. > > However, openssl wrongly relies on it, at least in ./crypto/bio/bss_fd.c: > > fd_read calls read(), and if read returns <= 0, it calls BIO_fd_should_retry. > > BIO_fd_should_retry sets BIO_fd_non_fatal_error with errno if ret == 0. > > However, when read returns 0, errno has undefined contents (0 is not a > failure, and errno is only defined after a failure), so openssl relies on > an undefined value in BIO_fd_non_fatal_error which in turn might make it > signal an error when none happened (or worse). if read() returns 0 then errno is unchanged. It was set to 0 so it should remain 0. From looking in the man-page, there no indication of undefined behaviour, it says "return -1 and errno indicates the error". Therefore closing. If you think this is wrong, please come back. Sebastian]