[Pkg-openssl-devel] Bug#534656: libssl0.9.8: Another valgrind/helgrind error Possible data race

Russell Coker russell at coker.com.au
Fri Jun 26 04:54:55 UTC 2009


Package: libssl0.9.8
Version: 0.9.8g-15+lenny1
Severity: normal

==27060== Possible data race during read of size 8 at 0x55efc28 by thread #3
==27060==    at 0x5318A94: RSA_get_default_method (rsa_lib.c:88)
==27060==    by 0x5318AEF: RSA_new_method (rsa_lib.c:139)
==27060==    by 0x531B76C: rsa_cb (rsa_asn1.c:80)
==27060==    by 0x534CB42: asn1_item_ex_combine_new (tasn_new.c:177)
==27060==    by 0x53501E4: ASN1_item_ex_d2i (tasn_dec.c:399)
==27060==    by 0x53502B3: ASN1_item_d2i (tasn_dec.c:134)
==27060==    by 0x534863C: d2i_PublicKey (d2i_pu.c:96)
==27060==    by 0x534624F: X509_PUBKEY_get (x_pubkey.c:364)
==27060==    by 0x5346C07: d2i_PUBKEY (x_pubkey.c:390)
==27060==    by 0x40D580: SelectorInfo::Parse(char*) (dkimverify.cpp:1312)
==27060==    by 0x40E1A4: CDKIMVerify::GetSelector(std::string const&, std::string const&) (dkimverify.cpp:1369)
==27060==    by 0x410220: CDKIMVerify::ProcessHeaders() (dkimverify.cpp:719)
==27060==  This conflicts with a previous write of size 8 by thread #2
==27060==    at 0x5318AB5: RSA_get_default_method (rsa_lib.c:96)
==27060==    by 0x5318AEF: RSA_new_method (rsa_lib.c:139)
==27060==    by 0x531B76C: rsa_cb (rsa_asn1.c:80)
==27060==    by 0x534CB42: asn1_item_ex_combine_new (tasn_new.c:177)
==27060==    by 0x53501E4: ASN1_item_ex_d2i (tasn_dec.c:399)
==27060==    by 0x53502B3: ASN1_item_d2i (tasn_dec.c:134)
==27060==    by 0x534863C: d2i_PublicKey (d2i_pu.c:96)
==27060==    by 0x534624F: X509_PUBKEY_get (x_pubkey.c:364)

The above is from an AMD64 system running the latest Debian/Lenny packages.
Here is the OpenSSL source code in question with ifdef stuff removed:
        if (default_RSA_meth == NULL)  // line 88
                {
                default_RSA_meth=RSA_PKCS1_SSLeay(); // line 96
                }
        return default_RSA_meth;

Is it guaranteed that a pointer write is atomic?  If it is possible for the
assignment on line 96 to half-complete before a task switch (i.e. write 4 bytes
of the 8 byte AMD64 pointer) then the above code has a race condition.

In any case this is a race condition with the RSA_set_default_method() function
at line 81 of rsa_lib.c.
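The lazy-initialisation pattern from the report, reduced to a stand-alone program so the race can be reproduced under a detector. This is an added example, not OpenSSL or Debian code: `method_t`, `builtin()`, `racy_get_default()`, `safe_get_default()` and `hammer()` are stand-ins invented here. `racy_get_default()` mirrors the check-then-assign in RSA_get_default_method(); `safe_get_default()` is the same getter made race-free with pthread_once(). Plain C gives no guarantee that a pointer store is atomic; on AMD64 an aligned 8-byte store does not tear in practice, so the racy variant will normally hand back the right pointer, but helgrind and ThreadSanitizer report the unsynchronised read/write pair regardless, which is exactly what the trace above shows.

```c
/* Added example (not OpenSSL code): lazy-initialised global pointer,
 * racy version beside a pthread_once version.  Names are hypothetical. */
#include <pthread.h>
#include <stddef.h>
#include <stdio.h>

typedef struct { const char *name; } method_t;   /* stand-in for RSA_METHOD */

static method_t builtin_method = { "builtin" };

/* Stand-in for RSA_PKCS1_SSLeay(): returns the built-in method table. */
static method_t *builtin(void) { return &builtin_method; }

/* Racy getter: same shape as RSA_get_default_method() in rsa_lib.c.
 * Two threads can both see NULL and both store; even when the store
 * cannot tear, the read and the write are not ordered by any lock. */
static method_t *racy_default;

static method_t *racy_get_default(void)
{
    if (racy_default == NULL)          /* unsynchronised read  */
        racy_default = builtin();      /* unsynchronised write */
    return racy_default;
}

/* Safe getter: pthread_once runs safe_init exactly once and gives every
 * later caller a happens-before edge to that initialisation. */
static method_t *safe_default;
static pthread_once_t safe_once = PTHREAD_ONCE_INIT;

static void safe_init(void) { safe_default = builtin(); }

static method_t *safe_get_default(void)
{
    pthread_once(&safe_once, safe_init);
    return safe_default;
}

/* Thread body: call the getter repeatedly, count any wrong result. */
struct worker { method_t *(*get)(void); long bad; };

static void *worker_run(void *arg)
{
    struct worker *w = arg;
    for (int i = 0; i < 100000; i++)
        if (w->get() != &builtin_method)
            w->bad++;
    return NULL;
}

/* Run nthreads (max 16) against a getter; return the number of wrong
 * results seen.  A correct getter must return 0 here. */
long hammer(method_t *(*get)(void), int nthreads)
{
    pthread_t tid[16];
    struct worker w[16];
    long bad = 0;

    if (nthreads > 16) nthreads = 16;
    for (int i = 0; i < nthreads; i++) {
        w[i].get = get;
        w[i].bad = 0;
        pthread_create(&tid[i], NULL, worker_run, &w[i]);
    }
    for (int i = 0; i < nthreads; i++) {
        pthread_join(tid[i], NULL);
        bad += w[i].bad;
    }
    return bad;
}

int main(void)
{
    printf("racy getter: %ld wrong results\n", hammer(racy_get_default, 4));
    printf("safe getter: %ld wrong results\n", hammer(safe_get_default, 4));
    return 0;
}
```

Build with `gcc -g -O1 -fsanitize=thread -pthread race.c -o race && ./race` (or `gcc -g -pthread race.c && valgrind --tool=helgrind ./a.out`). Both counters print 0 on AMD64, yet ThreadSanitizer and helgrind flag the read/write pair on `racy_default` and stay silent on the pthread_once path: the detectors report the missing synchronisation, not an observed torn pointer. Note that a lock or pthread_once inside the getter alone still does not cover a setter that writes the same global unlocked, which is the second race the report points at with RSA_set_default_method().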
