Bug 128285 - OpenSSL RAND code has unsafe use of select()
Summary: OpenSSL RAND code has unsafe use of select()
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: openssl   
(Show other bugs)
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Brian Brock
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-07-21 09:04 UTC by Joe Orton
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version: openssl-0.9.7f-6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-04-27 11:16:45 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Joe Orton 2004-07-21 09:04:37 UTC
Description of problem:
The OpenSSL RAND code uses select() to poll /dev/random and doesn't
check that fd numbers returned by open() are < FD_SETSIZE before
passing them to FD_SET.  This causes undefined behaviour i.e.
segfaults if fd numbers are pushed above 1024 when e.g. using
thousands of log files in a large-scale vhost config with Apache.

The code should at minimum have < FD_SETSIZE checks and ideally would
use poll() instead to remove the problem entirely.

(there are many such bugs in random Apache modules and libraries they
use, filing bugs on each of them as I find them)

Comment 1 Matthew Miller 2005-04-26 15:26:02 UTC
Fedora Core 2 is now maintained by the Fedora Legacy project for
security updates only. If this problem is a security issue, please
reopen and reassign to the Fedora Legacy product. If it is not a
security issue and hasn't been resolved in the current FC3 updates or
in the FC4 test release, reopen and change the version to match.

Comment 2 Tomas Mraz 2005-04-27 11:16:45 UTC
Replaced select by poll.



Note You need to log in before you can comment on or make changes to this bug.