Hi,

When I use SSL requests with the cipherlist hash enabled, HAProxy
randomly crashes:

 - segfault
 - double free
 - munmap_chunk(): invalid pointer

I think that is a memory crush.

I read the "cipherlist hash" code and put in some printf calls; I do not
detect any memory overwrite.

When I comment out the following line, the bug disappears:

   SSL_set_ex_data(ssl, ssl_capture_ptr_index, capture);

The crash happens with many versions of openssl:

 - 1.0.2j (home build)
 - 1.0.1t-1+deb7u4
 - 1.0.1t-1+deb8u8
 - 1.0.2g-1ubuntu4.12

cipherlist hash is available from 1.8. The bug appears with current 1.8
and current 1.9dev.

I attach some files:

 - bug36.build.sh   : build script
 - bug36.run.sh     : run haproxy command
 - bug36.request.sh : curl request
 - bug36.conf       : minimal conf which reproduces the problem
 - bug36.pem        : random self-signed certificate

Just execute some requests, and the bug is reproduced.

BR,
Thierry
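
Attachment: bug36.build.sh

#!/bin/bash
# Build HAProxy with OpenSSL support; extra make arguments are passed through.
make -j8 \
	TARGET=linux2428 \
	USE_DL=1 \
	USE_OPENSSL=1 \
	"$@"

Attachment: bug36.request.sh

#!/bin/bash
# Send two HTTPS requests to the local listener (-k: accept the self-signed certificate).
curl -i -k https://127.0.0.1:5555/
curl -i -k https://127.0.0.1:5555/

Attachment: bug36.run.sh

#!/bin/bash
# Run HAProxy in debug mode with the minimal configuration.
./haproxy -d -f bug36.conf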

Attachment: bug36.pem
Description: Binary data

Attachment: bug36.conf
Description: Binary data
