[MDEV-7772] SIGSEGV on my_aes_encrypt_cbc when -DWITH_SSL=bundled Created: 2015-03-13  Updated: 2015-03-17  Resolved: 2015-03-17

Status: Closed
Project: MariaDB Server
Component/s: Encryption
Affects Version/s: 10.1.3
Fix Version/s: 10.1.4

Type: Bug Priority: Major
Reporter: Jan Lindström (Inactive) Assignee: Jan Lindström (Inactive)
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Relates
relates to MDEV-7450 file_example_key_management_plugin an... Closed

 Description   
  • Read/Write outside of buffer at memcpy(); yaSSL related
  • OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx.ctx) == iv_length); // ECB does not use IV, thus incorrect assertion

 Comments   
Comment by Jan Lindström (Inactive) [ 2015-03-13 ]

How to repeat:

  • Build with cmake . -DCMAKE_BUILD_TYPE=Debug -DWITH_SSL=bundled
  • ./mysql-test-run --vardir=/dev/shm innodb-page_encryption_log_encryption
Comment by Jan Lindström (Inactive) [ 2015-03-13 ]

Added:

  • mysql-test/include/have_file_key_management_plugin.combinations ( to run with aes_cbc and aes_ecb)
  • mysql-test/include/have_openssl_ctr.combinations ( to run with aes_cbc, aes_ecb and aes_ctr)
Comment by Jan Lindström (Inactive) [ 2015-03-13 ]

http://lists.askmonty.org/pipermail/commits/2015-March/007584.html

InnoDB/XtraDB changes are trivial fixes for newer compilers (C++11).

Comment by Jan Lindström (Inactive) [ 2015-03-13 ]

No need to review InnoDB/XtraDB changes.

Comment by Jan Lindström (Inactive) [ 2015-03-17 ]

commit a3e68b4a558e1dd0ff61e497316cb6a32d3de410
Author: Jan Lindström <jan.lindstrom@mariadb.com>
Date: Fri Mar 13 14:18:07 2015 +0200

MDEV-7772: SIGSEGV on my_aes_encrypt_cbc when -DWITH_SSL=bundled

Two problems:

  • Read/Write outside of buffer at memcpy() because of incorrect parameters
    . OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx.ctx) == iv_length); // ECB does not use IV, thus incorrect assertion

Added:
mysql-test/include/encryption_algorithms.combinations to run tests with methods cbc, ecb and ctr in those systems where they are available (see suite.pm).

Generated at Thu Feb 08 07:22:09 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.