[openssl] openssl-3.0 update

bernd.edlinger at hotmail.de bernd.edlinger at hotmail.de
Tue Feb 8 12:28:44 UTC 2022


The branch openssl-3.0 has been updated
       via  01d4f5cdd4125bd81878257ae357ff191bc31dd1 (commit)
      from  d7975674e5aaded44a6845d3d1beac08477a22ad (commit)


- Log -----------------------------------------------------------------
commit 01d4f5cdd4125bd81878257ae357ff191bc31dd1
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Mon Nov 22 21:50:04 2021 +0100

    Prevent crash with engine using different openssl runtime
    
    This problem happens usually because an application
    links libcrypto and/or libssl statically which
    installs an atexit handler, but later an engine using
    a shared instance of libcrypto is installed.
    The problem is in simple words that both instances
    of libcrypto have an atexit handler installed,
    but both are unable to coordinate with each other,
    which causes a crash, typically a use-after-free
    in the engine's destroy function.
    
    Work around that by preventing the engine's
    libcrypto from installing the atexit handler.
    This may result in a small memory leak, but that
    memory is still reachable.
    
    Fixes #15898
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17112)
    
    (cherry picked from commit 9362a1b32b7330e24d3bca230b412557caea095b)

-----------------------------------------------------------------------

Summary of changes:
 include/openssl/engine.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/openssl/engine.h b/include/openssl/engine.h
index 25c3cf7c19..70c856a9cd 100644
--- a/include/openssl/engine.h
+++ b/include/openssl/engine.h
@@ -801,6 +801,7 @@ typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
             CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
                                      fns->mem_fns.realloc_fn, \
                                      fns->mem_fns.free_fn); \
+            OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL); \
         skip_cbs: \
             if (!fn(e, id)) return 0; \
             return 1; }
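
Review bot: The result of the added OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL) call is discarded, so a failed initialisation in the engine's libcrypto goes unnoticed and the macro carries on to fn(e, id). Consider checking the return value and returning 0 on failure, in line with the `if (!fn(e, id)) return 0;` check just below. The call is also placed above the skip_cbs label, so it runs only on the path that does not jump to that label. A short comment in the macro saying that this placement is intentional, and recording the small reachable leak the commit message accepts as the trade-off, would save the next reader from having to find this commit to understand the line.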

