[CONC-570] C/C uses CRYPTO_THREADID_set_callback from openssl API Created: 2021-11-02 Updated: 2021-11-03 Resolved: 2021-11-03 |
|
| Status: | Closed |
| Project: | MariaDB Connector/C |
| Component/s: | None |
| Affects Version/s: | 3.1 |
| Fix Version/s: | 3.3.0, 3.2.5, 3.1.15 |
| Type: | Bug | Priority: | Major |
| Reporter: | Sergei Golubchik | Assignee: | Georg Richter |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None |
| Description |
|
C/C uses CRYPTO_THREADID_set_callback() as
this is in openssl.c, the first line works on load, the second — on unload. But if you look in the openssl-1.0.2 code, you'll see
that is, CRYPTO_THREADID_set_callback(NULL) does not remove the callback, in fact there is no way to remove the callback after it's set. This means that a shared library should never ever use CRYPTO_THREADID_set_callback(), because after the shared library is unloaded the callback will point into unallocated memory, and the callback, again, can never be removed. |
| Comments |
| Comment by Georg Richter [ 2021-11-03 ] |
|
It affects only versions of OpenSSL <= 1.0.2 (eol). |
| Comment by Sergei Golubchik [ 2021-11-03 ] |
|
Yes, agree, better to remove it completely. SLES12 still uses OpenSSL 1.0.2, so any application dynamically loading C/C there might be affected. |
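
The set-once behaviour reported in the description, as a simplified model added here for illustration. It is not code from Connector/C or OpenSSL, and `model_threadid_set_callback`, `plugin_load`, `plugin_unload` and the other names are hypothetical.

```c
/* Simplified model of the set-once registration described in the issue.
 * This is NOT OpenSSL source; all names below are hypothetical. */
#include <stddef.h>
#include <stdio.h>

typedef void (*threadid_cb)(unsigned long *id);

/* Process-wide slot, owned by the crypto library, not by the plugin. */
static threadid_cb registered_cb = NULL;

/* Set-once: succeeds only while the slot is empty. A later call,
 * including one passing NULL, leaves the slot untouched and returns 0. */
static int model_threadid_set_callback(threadid_cb cb)
{
    if (registered_cb != NULL)
        return 0;
    registered_cb = cb;
    return 1;
}

/* Stand-in for a function living inside a dlopen()ed connector library. */
static void plugin_threadid(unsigned long *id) { *id = 42UL; }

/* What the library does when it is loaded. */
static int plugin_load(void) { return model_threadid_set_callback(plugin_threadid); }

/* What the library does on unload, hoping to deregister. */
static int plugin_unload(void) { return model_threadid_set_callback(NULL); }

/* Audit helper: 1 if the slot still points at plugin code. After a real
 * dlclose() that address would no longer be mapped, so the model only
 * compares the pointer and never calls through it. */
static int callback_still_points_into_plugin(void)
{
    return registered_cb == plugin_threadid;
}

int main(void)
{
    printf("load registered:    %d\n", plugin_load());
    printf("unload cleared:     %d\n", plugin_unload());
    printf("stale pointer left: %d\n", callback_still_points_into_plugin());
    return 0;
}
```

Because the slot belongs to the crypto library and outlives the plugin, the unload path has nothing it can do to clear it, which is why the comments settle on not registering the callback at all.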