[tor-bugs] #6029 [Tor Relay]: relay crash in libcrypto (tor_tls_handshake)

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Wed Jun 6 19:35:47 UTC 2012


#6029: relay crash in libcrypto (tor_tls_handshake)
-----------------------+----------------------------------------------------
 Reporter:  ln5        |          Owner:                     
     Type:  defect     |         Status:  new                
 Priority:  major      |      Milestone:  Tor: 0.2.3.x-final 
Component:  Tor Relay  |        Version:  Tor: 0.2.3.15-alpha
 Keywords:             |         Parent:                     
   Points:             |   Actualpoints:                     
-----------------------+----------------------------------------------------

Comment(by nickm):

 Okay, that one's in write(), as called from sock_write, which lives in
 bss_sock.c.

 It calls writesocket (an alias for write()) as "write_socket(b->num, in,
 inl)". in and inl come as arguments from BIO_write(), and are passed in
 directly as the arguments of BIO_write.  Looks like that is called as:
 {{{
            i=BIO_write(s->wbio,
                    (char *)&(wb->buf[wb->offset]),
                    (unsigned int)wb->left);
 }}}

 If you still have that crash, can you also dump tls->ssl->s3 and
 tls->ssl->s3->wbuf ?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6029#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list