Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

double free memory corruption when handle https url #433

Open
FrancisHe opened this issue Mar 27, 2024 · 1 comment
Open

double free memory corruption when handle https url #433

FrancisHe opened this issue Mar 27, 2024 · 1 comment
Labels
bug help wanted

Comments

@FrancisHe
Copy link

Here is the stack backtrace:

Program terminated with signal 6, Aborted.
#0  0x00007f12b25ed1f7 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00007f12b25ed1f7 in raise () from /lib64/libc.so.6
#1  0x00007f12b25ee8e8 in abort () from /lib64/libc.so.6
#2  0x00007f12b262cf47 in __libc_message () from /lib64/libc.so.6
#3  0x00007f12b2634619 in _int_free () from /lib64/libc.so.6
#4  0x00007f12b2636918 in _int_realloc () from /lib64/libc.so.6
#5  0x00007f12b2638752 in realloc () from /lib64/libc.so.6
#6  0x00007f12b2c01389 in CRYPTO_realloc () from /lib64/libcrypto.so.10
#7  0x00007f12b2c7b1e1 in lh_insert () from /lib64/libcrypto.so.10
#8  0x00007f12b2c7d8b4 in int_thread_set_item () from /lib64/libcrypto.so.10
#9  0x00007f12b2c7e43e in ERR_get_state () from /lib64/libcrypto.so.10
#10 0x00007f12b2c7e4be in ERR_put_error () from /lib64/libcrypto.so.10
#11 0x00007f12b2cad90d in PEM_read_bio () from /lib64/libcrypto.so.10
#12 0x00007f12b2cabc9a in PEM_X509_INFO_read_bio () from /lib64/libcrypto.so.10
#13 0x00007f12b2cbb0fe in X509_load_cert_crl_file () from /lib64/libcrypto.so.10
#14 0x00007f12b2cbb262 in by_file_ctrl () from /lib64/libcrypto.so.10
#15 0x00007f12b2cb22d0 in X509_STORE_set_default_paths () from /lib64/libcrypto.so.10
#16 0x000000000040a398 in ssl_connect (fd=fd@entry=200, hostname=hostname@entry=0x7f12b0d34174 "example.com") at src/ssl.c:92
#17 0x0000000000409b37 in tcp_connect (tcp=tcp@entry=0x7f12b0d36a00, hostname=hostname@entry=0x7f12b0d34174 "example.com", port=port@entry=443, secure=1, local_if=0x0, io_timeout=io_timeout@entry=120) at src/tcp.c:181
#18 0x0000000000408820 in http_connect (conn=conn@entry=0x7f12b0d35db8, proto=<optimized out>, proto@entry=3, proxy=proxy@entry=0x0, host=host@entry=0x7f12b0d34174 "example.com", port=443, 
    user=user@entry=0x7f12b0d34d74 "", pass=0x7f12b0d35174 "", io_timeout=120) at src/http.c:129
#19 0x0000000000406fe2 in conn_init (conn=conn@entry=0x7f12b0d34160) at src/conn.c:271
#20 0x0000000000407233 in conn_setup (conn=conn@entry=0x7f12b0d34160) at src/conn.c:293
#21 0x000000000040412b in setup_thread (c=0x7f12b0d34160) at src/axel.c:836
#22 0x00007f12b2983e25 in start_thread () from /lib64/libpthread.so.0
#23 0x00007f12b26b035d in clone () from /lib64/libc.so.6

axel version: 2.17.13
openssl version: 1.0.1e

I guess some function in libcrypto is not thread-safe.
@FrancisHe
Copy link
Author

FrancisHe commented Apr 1, 2024
edited

The problem solved after i updated OpenSSL to libressl-3.9.1.
I found a relative post:

For earlier versions than 1.1.0, it is necessary for your application to set up the thread callback functions. To do this, your application must call CRYPTO_set_locking_callback(3) and one of the CRYPTO_THREADID_set... API's. See the OpenSSL threads manpage for details and "note on multi-threading" in the INSTALL file in the source distribution.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ismaell @FrancisHe