Bug 128285 - OpenSSL RAND code has unsafe use of select()
OpenSSL RAND code has unsafe use of select()
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: openssl (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-07-21 05:04 EDT by Joe Orton
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version: openssl-0.9.7f-6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-04-27 07:16:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Joe Orton 2004-07-21 05:04:37 EDT
Description of problem:
The OpenSSL RAND code uses select() to poll /dev/random and doesn't
check that fd numbers returned by open() are < FD_SETSIZE before
passing them to FD_SET.  This causes undefined behaviour i.e.
segfaults if fd numbers are pushed above 1024 when e.g. using
thousands of log files in a large-scale vhost config with Apache.

The code should at minimum have < FD_SETSIZE checks and ideally would
use poll() instead to remove the problem entirely.

(there are many such bugs in random Apache modules and libraries they
use, filing bugs on each of them as I find them)
Comment 1 Matthew Miller 2005-04-26 11:26:02 EDT
Fedora Core 2 is now maintained by the Fedora Legacy project for
security updates only. If this problem is a security issue, please
reopen and reassign to the Fedora Legacy product. If it is not a
security issue and hasn't been resolved in the current FC3 updates or
in the FC4 test release, reopen and change the version to match.
Comment 2 Tomas Mraz 2005-04-27 07:16:45 EDT
Replaced select by poll.

Note You need to log in before you can comment on or make changes to this bug.