Hi,
I may, or may not, stumbled upon an issue with OpenSSL multihreading when
calling OBJ_create to define a new extension.
Briefly, calling below code from several threads at once - despite setting
up of locking functions - may cause segmentation fault due to supposedly
double free/corruption.
char CUSTOM_EXTENSION_OID_VALUE[] = "1.2.345.678901.2.3.4";
OBJ_create(CUSTOM_EXTENSION_OID_VALUE, "customExtension", "Custom
Extension");
Though this may not be a recommended set of calls to be executed over and
over again, I'd expect proper locking_function to guard against critical
failures.
The error is output when the crash happens as:
*** Error in `./openssl_object_add_segfault_test': double free or
corruption (fasttop): 0x7f50ac002620 ***
gdb used to look at the dumped core reveals:
(gdb) bt
#0 0x7f50feea8cc9 in __GI_raise (sig=sig@entry=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x7f50feeac0d8 in __GI_abort () at abort.c:89
#2 0x7f50feee5394 in __libc_message (do_abort=do_abort@entry=1,
fmt=fmt@entry=0x7f50feff3b28 "*** Error in `%s': %s: 0x%s ***\n") at
../sysdeps/posix/libc_fatal.c:175
#3 0x7f50feef166e in malloc_printerr (ptr=,
str=0x7f50feff3cf0 "double free or corruption (fasttop)", action=1) at
malloc.c:4996
#4 _int_free (av=, p=, have_lock=0) at
malloc.c:3840
#5 0x0044a12d in CRYPTO_free ()
#6 0x0044d921 in OBJ_add_object ()
#7 0x0044ebcd in OBJ_create ()
#8 0x0040364c in run()::{lambda()#1}::operator()() const ()
OpenSSL versions tested were: openssl-1.0.1t, openssl-1.0.1s and
openssl-1.0.2h.Above or similar occurred on all the tested versions.
I've noticed the behaviour on Ubuntu 14.04, using gcc 4.8.4, compiling
C++11 code. I first noticed the issue using clang, so I suppose compiler is
irrelevant.
I do have a minimal example (just a main, initOpenSSL and runThreads
functions, 70 lines of code + a Makefile) reproducing the issue. I am not
sure if emailing them here is the right way, if it is please let me know
and I'll paste it in.
Kind regards,
Maciej
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4571
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev