Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-28339

Crashes with OpenSSL 3.0.2

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Incomplete
    • 10.5.15, 10.6.7, 10.7.3
    • N/A
    • Server
    • SunOS hosting 5.11 omnios-r151042-7577932f27 i86pc i386 i86pc
      (although I think this will be a general problem, not OS-specific)
      OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)

    Description

      Since upgrading my OS to a version which ships mariadb built against openssl 3.0.2, I am seeing server crashes in both my_md5() and my_aes()

      status: process terminated by SIGSEGV (Segmentation Fault), pid=25463 uid=70
      		 
      > $C
      		 
      fffffaffee718aa0 libcrypto.so.3`evp_cipher_init_internal+0x3d()
      		 
      fffffaffee718ac0 libcrypto.so.3`EVP_CipherInit_ex+0xf()
      		 
      fffffaffee718ad0 MyCTX::init+0x1d()
      		 
      fffffaffee718dd0 my_aes_crypt+0x64()
      		 
      fffffaffee718ed0 Item_aes_crypt::val_str+0x110()


      status: process terminated by SIGSEGV (Segmentation Fault), pid=14380 uid=70
      		 
      > $C
      		 
      fffffaffed89efe0 libcrypto.so.3`EVP_MD_free+5()
      		 
      fffffaffed89f000 libcrypto.so.3`EVP_MD_CTX_reset+0x2c()
      		 
      fffffaffed89f080 my_md5+0x46()
      		 
      fffffaffed89f0d0 Item_func_md5::val_str_ascii+0x53()
      		 
      fffffaffed89f110 Item_func::val_str_from_val_str_ascii+0x85()

      Changing the code to use the new openssl APIs with EVP_CIPHER/MD_CTX_new/free() resolves the problem for me, but that doesn't fix the plugin API.

      Attachments

        Issue Links

          relates to

          Task - A task that needs to be done. MDEV-25785 Add support for OpenSSL 3.0

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            serg Sergei Golubchik added a comment -

            MariaDB 10.5.15, 10.6.7, 10.7.3 cannot be built with OpenSSL 3.0. There's a compile-time check that prevents that: https://github.com/MariaDB/server/commit/c9beef43154

            I suspect your OS mariadb maintainers have removed this safety check and ended up with a broken binary.

            At the moment MariaDB supports OpenSSL 3.0 only starting from MariaDB 10.8. We do plan to backport this change, but it has not happened yet.

            serg Sergei Golubchik added a comment - MariaDB 10.5.15, 10.6.7, 10.7.3 cannot be built with OpenSSL 3.0. There's a compile-time check that prevents that: https://github.com/MariaDB/server/commit/c9beef43154 I suspect your OS mariadb maintainers have removed this safety check and ended up with a broken binary. At the moment MariaDB supports OpenSSL 3.0 only starting from MariaDB 10.8. We do plan to backport this change, but it has not happened yet.
            fiddaman Andy added a comment -

            It would appear so, I'll go and look into that.
            Thanks!

            fiddaman Andy added a comment - It would appear so, I'll go and look into that. Thanks!

            People

              Unassigned Unassigned
              fiddaman Andy
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.