Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Segmentation fault when trying to use secure-transport with curl 8.12.0 multissl #16253

Closed
thisisgk opened this issue Feb 8, 2025 · 1 comment
Closed

Segmentation fault when trying to use secure-transport with curl 8.12.0 multissl #16253

thisisgk opened this issue Feb 8, 2025 · 1 comment
Labels
crash regression TLS

Comments

@thisisgk
Copy link

thisisgk commented Feb 8, 2025

I did this

Configured and built curl with:

$ ./configure \
--with-secure-transport \
--with-openssl \
--with-default-ssl-backend=openssl
$ make

Ran curl and got:

$ CURL_SSL_BACKEND=secure-transport ./src/curl -q -s -v https://example.com/ >/dev/null
Segmentation fault: 11

Then I rebuilt curl with ./configure --enable-debug ..., the crash log shows:

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   ???                             000000000000000000 0 + 0
1   libcurl.4.dylib                 0x0000000104f8bd00 multissl_init + 48 (vtls.c:918)
2   libcurl.4.dylib                 0x0000000104f87474 Curl_ssl_init + 68 (vtls.c:427)
3   libcurl.4.dylib                 0x0000000104ecd15d global_init + 189 (easy.c:168)
4   libcurl.4.dylib                 0x0000000104ecd029 curl_global_init + 41 (easy.c:223)
5   curl                            0x0000000104e42762 main_init + 114 (tool_main.c:168)
6   curl                            0x0000000104e42447 main + 151 (tool_main.c:277)
7   libdyld.dylib                   0x00007fff57f9e015 start + 1

My guess: Does vtls.c:918 need the same if(Curl_ssl->init) test as vtls.c:426?

curl/lib/vtls/vtls.c

Lines 914 to 919 in 34cf9d5

static int multissl_init(void)
{
if(multissl_setup(NULL))
return 1;
return Curl_ssl->init();
}

curl/lib/vtls/vtls.c

Lines 426 to 428 in 34cf9d5

if(Curl_ssl->init)
return Curl_ssl->init();
return 1;

I expected the following

Able to use secure-transport with multissl.

curl/libcurl version

$ ./src/curl -V
curl 8.12.0 (x86_64-apple-darwin17.7.0) libcurl/8.12.0 OpenSSL/3.3.2 (SecureTransport) zlib/1.3.1 zstd/1.5.6 libidn2/2.3.7 libpsl/0.21.5 nghttp2/1.64.0
Release-Date: 2025-02-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns ldap ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp ws wss
Features: alt-svc AsynchDNS HSTS HTTP2 HTTPS-proxy IDN IPv6 Largefile libz MultiSSL NTLM PSL SSL threadsafe TLS-SRP UnixSockets zstd

operating system

$ sw_vers
ProductName: Mac OS X
ProductVersion: 10.13.6
BuildVersion: 17G14042
@jay jay added the crash label Feb 8, 2025
@hydrapolic hydrapolic mentioned this issue Feb 8, 2025
Closed
@jay
Copy link
Member

jay commented Feb 8, 2025

My guess: Does vtls.c:918 need the same if(Curl_ssl->init) test as vtls.c:426?

Makes sense to me. There are 3 SSL backends without an init function: bearssl, rustls and secure-transport.

curl/lib/vtls/vtls.c

Lines 426 to 428 in 34cf9d5

if(Curl_ssl->init)
return Curl_ssl->init();
return 1;

Would you like to test and submit a PR that uses that same logic?

bagder added a commit that referenced this issue Feb 8, 2025
@bagder
vtls: fix multissl-init
ff34362 
Regression since and follow-up to 2bf48b4.

Don't call init functions that are set to NULL.

Fixes #16253
Reported-by: thisisgk on github
@bagder bagder mentioned this issue Feb 8, 2025
Closed
@bagder bagder closed this as completed in f1939fa Feb 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
crash regression TLS
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

vtls: fix multissl-init curl/curl
3 participants
@bagder @jay @thisisgk