[Pkg-openssl-devel] Bug#844715: Bug#844715: openssl: segfault in shlibloadtest (observed on x32) due to dlopen/dlclose/OPENSSL_atexit/OPENSSL_cleanup ordering
Kurt Roeckx
kurt at roeckx.be
Fri Nov 18 19:10:20 UTC 2016
On Fri, Nov 18, 2016 at 08:05:15PM +0100, Kurt Roeckx wrote:
> On Fri, Nov 18, 2016 at 12:59:57PM +0100, Thorsten Glaser wrote:
> > Breakpoint 1, OPENSSL_atexit (handler=handler at entry=0xf6745c50 <ssl_library_stop>) at crypto/init.c:604
> > 604 {
> >
> > There is our 0xf6745c50, which is ssl_library_stop… huh?
>
> [...]
> >
> > That’s .text of libssl.so.1.1!
> >
> > So it appears that dynamically loaded libraries are dismantled,
> > and OPENSSL_cleanup() is called too late. This might even be a
> > bug on other architectures; I’m changing the bug title before
> > submitting.
>
> So that looks like this doesn't work:
> /*
> * Deliberately leak a reference to the handler. This will force the
> * library/code containing the handler to remain loaded until we run the
> * atexit handler. If -znodelete has been used then this is
> * unneccessary.
> */
> {
> DSO *dso = NULL;
>
> dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE);
> DSO_free(dso);
> }
According to b6d5ba1a9f004d637acac18ae3519fe063b6b5e1 we should be
using -znodelete, but that probably didn't end up in the Debian
packaging properly.
Kurt
More information about the Pkg-openssl-devel
mailing list