Comments on: Thoughtfulness on the OpenSSL bug

By: Jay Ballou

Jay Ballou — Mon, 19 May 2008 23:02:23 +0000

“Sure, it’s only modifiable if it’s a pointer… but pointers are the only practical way to pass many things: strings, buffers of any type really, arrays… the list goes on.”

That’s what const and paying attention to compiler warnings are for. As a professional programmer who has written in C for 30 years, I can say that linux code suffers seriously from lack of code quality. The only reason it isn’t even more horribly buggy than it is, is because so many bodies test open source code. But better written code wouldn’t need so many bodies to be bug-free.

“This bug could have been caught by testing whether generated keys follow certain unexpected distributions.”

Indeed. “peer review” is highly overrated. What would serve better is peers performing QA functions such as writing test cases.

By: Jon

Jon — Thu, 15 May 2008 11:01:08 +0000

In general, it is impossible to prove that something is random, and difficult to ascertain that something is sufficiently random, but I do think some kind of regression test could be useful. I’m thinking of doing something a bit like the visual noise plots used on random.org to demonstrate the php rand() rubbish-ness.

By: crf

crf — Thu, 15 May 2008 06:24:36 +0000

There should be testing of patched programs before they are released, when feasible. This bug could have been caught by testing whether generated keys follow certain unexpected distributions.

By: John Goerzen

John Goerzen — Wed, 14 May 2008 22:58:52 +0000

Sure, it’s only modifiable if it’s a pointer… but pointers are the only practical way to pass many things: strings, buffers of any type really, arrays… the list goes on.

By: jldugger

jldugger — Wed, 14 May 2008 22:47:11 +0000

“Especially since you may be dealing with functions that call other functions 5 deep, and one of those functions modifies what you thought was an input-only parameter in certain rare cases.”

Well, its usually pretty easy to tell when something on the stack is modifiable — when it’s handled as a pointer. If the function calls are passing ints by reference, that’s a hint that there’s something stupid afoot. But yes, it’s a challenge to go from finding a bug to writing a correct fix. It’s simple to load up gdb and watch a segfault in xkb, but it’s another thing to understand the correct fix (it frustrates me a bit when the upstream fix is a simple “if null -> return 0″ — I could have done that!).

On a more general note — why isn’t openSSL using /dev/random? It seems as though the ideal solution is for security systems to use that and then make sure it’s perfect.