From fc168c3a5e58d8b364a2e87e0d876a261ec7fced Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20M=C3=A4kel=C3=A4?= Date: Fri, 29 Mar 2019 11:38:45 +0200 Subject: [PATCH] MDEV-15587 AES test fails, segfaults in EVP_CipherInit_ex When HAVE_YASSL is defined (due to cmake -DWITH_SSL=bundled or otherwise), mysys_ssl/my_crypt.cc will #include "yassl.cc" from the same directory. When MariaDB 10.2 or later is compiled with GCC 8 and optimizations are enabled, then the check if (iv) in EVP_CipherInit_ex() can be wrongly optimized away. The reason appears to be that __attribute__((nonnull)) is attached to the variable iv, because there is a (no-op) call memcpy(oiv, iv, ivlen=0) earlier in the code path. It is possible that this started failing after the code was refactored in MDEV-10332 (MariaDB 10.2.6). In MariaDB 10.1, there is a similar memcpy() call in MyCTX_nopad::init(), but the code appears to work fine. --- mysys_ssl/my_crypt.cc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc index db303f37b0e..2d6f5188034 100644 --- a/mysys_ssl/my_crypt.cc +++ b/mysys_ssl/my_crypt.cc @@ -1,6 +1,6 @@ /* Copyright (c) 2014 Google Inc. - Copyright (c) 2014, 2017 MariaDB Corporation + Copyright (c) 2014, 2019, MariaDB Corporation. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -93,7 +93,8 @@ public: this->key= key; this->klen= klen; this->buf_len= 0; - memcpy(oiv, iv, ivlen); + if (ivlen) + memcpy(oiv, iv, ivlen); DBUG_ASSERT(ivlen == 0 || ivlen == sizeof(oiv)); int res= MyCTX::init(cipher, encrypt, key, klen, iv, ivlen);
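Review bot: in the `@@ -93,7 +93,8 @@` hunk, `DBUG_ASSERT(ivlen == 0 || ivlen == sizeof(oiv))` still sits after `memcpy(oiv, iv, ivlen)`, so the length is checked only after it has been used as the copy size, and only in debug builds. Moving the assertion above the new `if (ivlen)` would catch an unexpected `ivlen` before anything is written into `oiv`. The guard also deserves a one-line comment. Per the commit message, it exists because the zero-length `memcpy()` call lets GCC 8 treat `iv` as non-null and optimize away the later `if (iv)` check in `EVP_CipherInit_ex()`. Without that note the test reads as redundant and is easy to drop in a later cleanup.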