From owner-freebsd-stable@FreeBSD.ORG Tue Jan 10 03:10:39 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4BDAB16A41F for ; Tue, 10 Jan 2006 03:10:38 +0000 (GMT) (envelope-from PeterJeremy@optushome.com.au) Received: from mail19.syd.optusnet.com.au (mail19.syd.optusnet.com.au [211.29.132.200]) by mx1.FreeBSD.org (Postfix) with ESMTP id 255D543D45 for ; Tue, 10 Jan 2006 03:10:35 +0000 (GMT) (envelope-from PeterJeremy@optushome.com.au) Received: from cirb503493.alcatel.com.au (c220-239-19-236.belrs4.nsw.optusnet.com.au [220.239.19.236]) by mail19.syd.optusnet.com.au (8.12.11/8.12.11) with ESMTP id k0A3AYca020280 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Tue, 10 Jan 2006 14:10:34 +1100 Received: from cirb503493.alcatel.com.au (localhost.alcatel.com.au [127.0.0.1]) by cirb503493.alcatel.com.au (8.12.10/8.12.10) with ESMTP id k0A3AXHh060635; Tue, 10 Jan 2006 14:10:33 +1100 (EST) (envelope-from pjeremy@cirb503493.alcatel.com.au) Received: (from pjeremy@localhost) by cirb503493.alcatel.com.au (8.12.10/8.12.9/Submit) id k0A3AXt4060634; Tue, 10 Jan 2006 14:10:33 +1100 (EST) (envelope-from pjeremy) Date: Tue, 10 Jan 2006 14:10:33 +1100 From: Peter Jeremy To: Pavel Gorshkov Message-ID: <20060110031033.GB60380@cirb503493.alcatel.com.au> References: <20060109235953.GA2868@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060109235953.GA2868@localhost> User-Agent: Mutt/1.4.2.1i X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc Cc: freebsd-stable@freebsd.org Subject: Re: SHA1_Update() produces wrong results for large buffers X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jan 2006 03:10:39 -0000 On Tue, 2006-Jan-10 02:59:53 +0300, Pavel Gorshkov wrote: >The problem is that the asm-optimized version fails on large input >buffers. Attached is a test program, which mmaps a file and then >just feeds its contents to SHA1_Update(): "openssl sha1" agrees with the shared version on -current. > # exits immediately, displaying a WRONG hash value > ./sha1test.md-static test-1.5G > 747cd7172ce7737d1735cf936c0d69ce0f733fcd I get this on 7-current as well. Copying the relevant bits from libmd and compiling it myself, I get the same behaviour. The fact that this exits virtually instantly strongly suggests that it is broken (rather than the shared version). My initial guess is that an operation on the length is overflowing 32 bits. Unfortunately, the asm is rather opaque - it was auto-generated by a perl script that doesn't seem to included in the repository. (There is a sha1-586.pl in openssl but it generates different code). As far as I can determine, the asm code (sha1_block_x86) is designed to process an integral number of SHA1 blocks of input, leaving the remainder to be processed in the C code. Using the debugger, the asm code is not looping when passed 1610612736 (1.5G) - which explains the rapid exit and incorrect result. -- Peter Jeremy