Regression: Access violation accessing destroyed locale object during atexit #18160

Closed
matbech opened this issue Apr 22, 2022 · 5 comments
Labels
branch: master Merge to master branch triaged: bug The issue/pr is/fixes a bug

Comments

Contributor

matbech commented Apr 22, 2022

During the OPENSSL_cleanup, OPENSSL_strcasecmp passes the destroyed locale object to _stricmp_l.

Access violation:

```
> ucrtbased.dll!_tolower_fast_internal(const unsigned char c, __crt_locale_pointers * const locale) Line 1488  C++
  ucrtbased.dll!_stricmp_l(const char * lhs, const char * rhs, __crt_locale_pointers * plocinfo) Line 59  C++
  libcrypto-3.dll!OPENSSL_strcasecmp(const char * s1, const char * s2) Line 329  C
  libcrypto-3.dll!obj_name_cmp(const obj_name_st * a, const obj_name_st * b) Line 131  C
  libcrypto-3.dll!getrn(lhash_st * lh, const void * data, unsigned long * rhash) Line 309  C
  libcrypto-3.dll!OPENSSL_LH_delete(lhash_st * lh, const void * data) Line 142  C
  libcrypto-3.dll!lh_OBJ_NAME_delete(lhash_st_OBJ_NAME * lh, const obj_name_st * d) Line 12  C
  libcrypto-3.dll!OBJ_NAME_remove(const char * name, int type) Line 257  C
  libcrypto-3.dll!names_lh_free_doall(obj_name_st * onp) Line 361  C
  libcrypto-3.dll!doall_util_fn(lhash_st * lh, int use_arg, void(*)(void *) func, void(*)(void *, void *) func_arg, void * arg) Line 196  C
  libcrypto-3.dll!OPENSSL_LH_doall(lhash_st * lh, void(*)(void *) func) Line 204  C
  libcrypto-3.dll!lh_OBJ_NAME_doall(lhash_st_OBJ_NAME * lh, void(*)(obj_name_st *) doall) Line 12  C
  libcrypto-3.dll!OBJ_NAME_cleanup(int type) Line 380  C
  libcrypto-3.dll!evp_cleanup_int() Line 157  C
  libcrypto-3.dll!OPENSSL_cleanup() Line 449  C
  libcrypto-3.dll!win32atexit() Line 87  C
```

Cause
```c
void ossl_deinit_casecmp() {
    freelocale(loc);
}
```
is called before evp_cleanup_int.

Solution
Move ossl_deinit_casecmp to the end of OPENSSL_cleanup.

Regression introduced in:
fba140c
4b2bd27
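
The ordering problem reported above, as an added example that is not part of the original issue and is not OpenSSL code: a constructed C model in which `casecmp_deinit` stands in for `ossl_deinit_casecmp` and `names_cleanup` for the name-table cleanup reached from `evp_cleanup_int`. All function names, the `loc_alive` flag and the sample names are assumptions for illustration; `run_teardown(0)` uses the reported order and `run_teardown(1)` the proposed one.

```c
/* Constructed model of the teardown-order bug; not OpenSSL source. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

static int loc_alive;   /* stand-in for the locale object `loc` */
static int stale_uses;  /* compares attempted after the locale was freed */

static void casecmp_init(void)   { loc_alive = 1; }
static void casecmp_deinit(void) { loc_alive = 0; }  /* models freelocale(loc) */

/* Models OPENSSL_strcasecmp: every call depends on the locale object. */
static int model_strcasecmp(const char *a, const char *b)
{
    if (!loc_alive)
        stale_uses++;  /* the real call passes the freed locale onward */
    for (; *a && tolower((unsigned char)*a) == tolower((unsigned char)*b); a++, b++)
        ;
    return tolower((unsigned char)*a) - tolower((unsigned char)*b);
}

/* Models the name-table cleanup: each removal looks the entry up by name. */
static const char *const names[] = { "AES-256-GCM", "sha256", "RSA" };
#define N_NAMES (sizeof(names) / sizeof(names[0]))
static void names_cleanup(void)
{
    for (size_t i = 0; i < N_NAMES; i++)
        for (size_t j = 0; j < N_NAMES; j++)
            if (model_strcasecmp(names[j], names[i]) == 0)
                break;  /* found the entry to remove */
}

/* Runs the teardown in one of the two orders; returns the stale-use count. */
static int run_teardown(int deinit_last)
{
    stale_uses = 0;
    casecmp_init();
    if (!deinit_last)
        casecmp_deinit();  /* reported order: locale freed first */
    names_cleanup();
    if (deinit_last)
        casecmp_deinit();  /* proposed order: locale freed at the end */
    return stale_uses;
}

int main(void)
{
    printf("reported order: %d stale compares\n", run_teardown(0));
    printf("deinit last:    %d stale compares\n", run_teardown(1));
    return 0;
}
```

A regression test built on the same idea populates the name table before cleanup, so that the teardown path actually performs name comparisons.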

@matbech matbech added the issue: bug report The issue was opened to report a bug label Apr 22, 2022
matbech added a commit to matbech/openssl that referenced this issue Apr 23, 2022
matbech added a commit to matbech/openssl that referenced this issue Apr 23, 2022
@beldmit beldmit added triaged: bug The issue/pr is/fixes a bug branch: master Merge to master branch and removed issue: bug report The issue was opened to report a bug labels Apr 23, 2022
Member

beldmit commented Apr 23, 2022

Is it relevant for master only or also for 3.0?

Member

beldmit commented Apr 23, 2022

I wonder why it is not caught by our tests

Contributor Author

matbech commented Apr 23, 2022

> Is it relevant for master only or also for 3.0?

For both, as the commits which caused the regression are in both branches (master and openssl-3.0):
fba140c
4b2bd27

Member

beldmit commented Apr 23, 2022

As it was a bug in all of the 3.0 series, #18103 contains basically the same changes to the 3.0 branch.

Member

beldmit commented Apr 23, 2022

Yes, it's a master only fault, in 3.0 it is already the last call in OPENSSL_cleanup
