Re: Advantech openssl compatibility issue

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Advantech openssl compatibility issue

Brian.Chou

Subscribe and send again.

 

From: Brian.Chou
Sent: Wednesday, June 13, 2018 1:21 PM
To: '[hidden email]'
Cc: Brian.Ng; Mojo.Huang
Subject: Advantech openssl compatibility issue

 

Dear support team

 

  We met openssl crash issue on our Intel Atom C3000 SoC platform.

Openssl crashes when run “s_client –connect IP:Port” command.

In win10 event viewer it show “Faulting module name:LIBEAY32.dll, version:1.0.2.8……”. (Figure 1)

The issue only happened to “1.0.2h” or older version. (Table 1)

And other CPU/Chipset on our side can work normally with same command.

Can you help to explain what changes are made between “1.0.2h” and “1.0.2i” that may cause this issue?

Please let me know if you need more info, thank you.

 

Note: We found similar issue by google, not sure if it’s related. (https://forum.filezilla-project.org/viewtopic.php?f=6&t=32837&sid=14d3d99cb60f1a6867d16aba89403015)

 

Table 1.Test under Winsvr 2016/Win10

Openssl version

Connect by “s_client –connect IP:Port

1.0.2g

Fail

1.0.2h

Fail

1.0.2i

Pass

1.0.2o

Pass

1.0.0d

Pass

 

 

Figure 1

cid:image002.jpg@01D40273.2D91C710

Best regards,

Brian Chou

Application Engineering of Industrial IoT Group

Advantech Co., Ltd.
Tel: 886-2-2792-7818 ext,1431

e-mail:[hidden email]

 

 

 

Best regards,

Brian Chou

Application Engineering of Industrial IoT Group

Advantech Co., Ltd.
Tel: 886-2-2792-7818 ext,1431

e-mail:[hidden email]

 


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Advantech openssl compatibility issue

Michael Wojcik
> From: openssl-users [mailto:[hidden email]] On Behalf Of Brian.Chou
> Sent: Tuesday, June 12, 2018 23:40

> Can you help to explain what changes are made between “1.0.2h” and “1.0.2i” that may cause this issue?

The OpenSSL changelog describes the high-level differences between each pair of consecutive versions.

For details, you'll need to look at the git history, or extract the sources and diff them. In this case, you're probably only interested in the differences in libcrypto, so diffing the crypto source trees is probably sufficient. (It might be elsewhere, but that's the place to start.)

It'd be faster, though, to debug the openssl s_client run and see where the exception is being thrown. It's a c0000005 - an addressing violation - so there's a decent chance that it's raised in or near (in terms of stack frames) where the actual cause exists in the code.  (Addressing violations are synchronous exceptions caused by invoking undefined behavior, so they *can* have remote causes, such as earlier heap corruption, but there's a decent probability of hitting the exception soon after generating the invalid address.) You'll need symbol (PDB) files to get much useful information, but if you're building OpenSSL you can easily arrange for those.

Of course there are other possibilities, such as changes to the build flags between the two versions. And I haven't looked to see whether the OpenSSL sources for 1.0.2h or 1.0.2i include Atom assembly modules; that would be something else to check.
--
Michael Wojcik
Distinguished Engineer, Micro Focus



--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Advantech openssl compatibility issue

Viktor Dukhovni


> On Jun 13, 2018, at 12:31 PM, Michael Wojcik <[hidden email]> wrote:
>
> It's a c0000005 - an addressing violation - so there's a decent chance that it's raised in or near (in terms of stack frames) where the actual cause exists in the code.

Perhaps a memory alignment issue, that is somewhat peculiar
to the SOC in question.  I'd try a non ASM build, and if that
passes, look for changes in the ASM code, or changes in the
build flags.

--
        Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users