Closed YushengYangRTI closed 1 year ago
Hello @YushengYangRTI
Thanks for contacting wolfSSL Support. There have been some fixes in aes.c since v5.5.1 was released. Could you please test with the latest code and let us know if the warning still appears?
Thanks, @embhorn - wolfSSL Support
Hi @embhorn ,
Thanks for your response. I tried v5.6.0, and I got a similar error:
==8620== Source and destination overlap in memcpy(0x5b2f170, 0x5b2f170, 12)
==8620== at 0x4C2E81D: memcpy@@GLIBC_2.14 (vg_replace_strmem.c:1035)
==8620== by 0x4C112B: wc_AesGcmInit (aes.c:8178)
==8620== by 0x424E90: wolfSSL_EVP_CipherFinal (evp.c:1019)
==8620== by 0x4243F1: wolfSSL_EVP_DecryptFinal_ex (evp.c:415)
==8620== by 0x4236E7: main (in 6413)
aes.c:8178 is this:
/* Set the IV passed in if it is smaller than a block. */
if ((iv != NULL) && (ivSz <= AES_BLOCK_SIZE)) {
XMEMCPY((byte*)aes->reg, iv, ivSz);
aes->nonceSz = ivSz;
}
Hello @YushengYangRTI
Could you please retest with this PR (#6416) to confirm you see the issue is resolved?
Just FYI, I was not able to reproduce the issue with a newer version of valgrind:
valgrind --version
valgrind-3.18.1
Hi @embhorn ,
PR 6416 fixed the problem for me.
Thanks, Yusheng
In addition, it may be nice to avoid calling wc_AesGcmInit
when the iv
argument points to aes->reg
(example). That is, instead of:
if (iv != NULL) {
/* Cache the IV in AES GCM object. */
XMEMMOVE((byte*)aes->reg, iv, ivSz);
aes->nonceSz = ivSz;
}
do:
if (iv != NULL && iv != aes->reg) {
/* Cache the IV in AES GCM object. */
XMEMMOVE((byte*)aes->reg, iv, ivSz);
aes->nonceSz = ivSz;
}
Contact Details
yusheng@rti.com
Version
5.5.1
Description
We built wolfSSL 5.5.1 with the following options:
Our target and build environment:
When we run the following C code:
we get the following result:
aes.c:9311 is this:
Is there a version of wolfSSL that fixes this problem?
Thanks, Yusheng
Reproduction steps
No response
Relevant log output
No response