Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-570

C/C uses CRYPTO_THREADID_set_callback from openssl API

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.1
    • Fix Version/s: 3.3.0, 3.2.5, 3.1.15
    • Component/s: None
    • Labels:
      None

      Description

      C/C uses CRYPTO_THREADID_set_callback() as

      ...
         CRYPTO_THREADID_set_callback(my_cb_threadid);
      ...
         CRYPTO_THREADID_set_callback(NULL);
      ...
      

      this is in openssl.c, the first line works on load, the second — on unload.

      But if you look in the openssl-1.0.2 code, you'll see

      int CRYPTO_THREADID_set_callback(void (*func) (CRYPTO_THREADID *))
      {
          if (threadid_callback)
              return 0;
          threadid_callback = func;
      

      that is, CRYPTO_THREADID_set_callback(NULL) does not remove the callback, in fact there is no way to remove the callback after it's set.

      This means that a shared library should never ever use CRYPTO_THREADID_set_callback(), because after the shared library is unloaded the callback will point into unallocated memory, and the callback, again, can never be removed.

        Attachments

          Activity

            People

            Assignee:
            georg Georg Richter
            Reporter:
            serg Sergei Golubchik
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.