[MDEV-7772] SIGSEGV on my_aes_encrypt_cbc when -DWITH_SSL=bundled - JIRA

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 10.1.3
Fix Version/s: 10.1.4
Component/s: Encryption
Labels:
None

Description

Read/Write outside of buffer at memcpy(); yaSSL related
OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx.ctx) == iv_length); // ECB does not use IV, thus incorrect assertion

Gliffy Diagrams

Attachments

Issue Links

relates to

MDEV-7450 file_example_key_management_plugin and example_key_management_plugin don't work with yassl

Closed

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Jan Lindström added a comment - 2015-03-13 10:44

How to repeat:

Build with cmake . -DCMAKE_BUILD_TYPE=Debug -DWITH_SSL=bundled
./mysql-test-run --vardir=/dev/shm innodb-page_encryption_log_encryption

Show

Jan Lindström added a comment - 2015-03-13 10:44 How to repeat: Build with cmake . -DCMAKE_BUILD_TYPE=Debug -DWITH_SSL=bundled ./mysql-test-run --vardir=/dev/shm innodb-page_encryption_log_encryption

Hide

Permalink

Jan Lindström added a comment - 2015-03-13 13:48 - edited

Added:

mysql-test/include/have_file_key_management_plugin.combinations ( to run with aes_cbc and aes_ecb)
mysql-test/include/have_openssl_ctr.combinations ( to run with aes_cbc, aes_ecb and aes_ctr)

Show

Jan Lindström added a comment - 2015-03-13 13:48 - edited Added: mysql-test/include/have_file_key_management_plugin.combinations ( to run with aes_cbc and aes_ecb) mysql-test/include/have_openssl_ctr.combinations ( to run with aes_cbc, aes_ecb and aes_ctr)

Hide

Permalink

Jan Lindström added a comment - 2015-03-13 14:20

http://lists.askmonty.org/pipermail/commits/2015-March/007584.html

InnoDB/XtraDB changes are trivial fixes for newer compilers (C++11).

Show

Jan Lindström added a comment - 2015-03-13 14:20 http://lists.askmonty.org/pipermail/commits/2015-March/007584.html InnoDB/XtraDB changes are trivial fixes for newer compilers (C++11).

Hide

Permalink

Jan Lindström added a comment - 2015-03-13 14:21

No need to review InnoDB/XtraDB changes.

Show

Jan Lindström added a comment - 2015-03-13 14:21 No need to review InnoDB/XtraDB changes.

Hide

Permalink

Jan Lindström added a comment - 2015-03-17 07:44

commit a3e68b4a558e1dd0ff61e497316cb6a32d3de410
Author: Jan Lindström <jan.lindstrom@mariadb.com>
Date: Fri Mar 13 14:18:07 2015 +0200

~~MDEV-7772~~: SIGSEGV on my_aes_encrypt_cbc when -DWITH_SSL=bundled

Two problems:

Read/Write outside of buffer at memcpy() because of incorrect parameters
. OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx.ctx) == iv_length); // ECB does not use IV, thus incorrect assertion

Added:
mysql-test/include/encryption_algorithms.combinations to run tests with methods cbc, ecb and ctr in those systems where they are available (see suite.pm).

Show

Jan Lindström added a comment - 2015-03-17 07:44 commit a3e68b4a558e1dd0ff61e497316cb6a32d3de410 Author: Jan Lindström <jan.lindstrom@mariadb.com> Date: Fri Mar 13 14:18:07 2015 +0200 MDEV-7772 : SIGSEGV on my_aes_encrypt_cbc when -DWITH_SSL=bundled Two problems: Read/Write outside of buffer at memcpy() because of incorrect parameters . OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx.ctx) == iv_length); // ECB does not use IV, thus incorrect assertion Added: mysql-test/include/encryption_algorithms.combinations to run tests with methods cbc, ecb and ctr in those systems where they are available (see suite.pm).

People

Assignee:

Jan Lindström

Reporter:

Jan Lindström

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

2015-03-13 10:43

Updated:

2015-03-17 07:44

Resolved:

2015-03-17 07:44

Agile

View on Board