[CDRIVER-4297] Do not declare OpenSSL 1.1 polyfill functions in global scope Created: 16/Feb/22  Updated: 28/Oct/23  Resolved: 16/Feb/22

Status: Closed
Project: C Driver
Component/s: tls
Affects Version/s: None
Fix Version/s: 1.21.1

Type: Bug Priority: Major - P3
Reporter: Jeremy Mikola Assignee: Kevin Albertson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to MONGOCRYPT-383 Do not declare OpenSSL 1.1 polyfill f... Closed

 Description   

In mongodb/mongo-php-driver#1302, a user reported a segfault when the PHP driver (with libmongoc) was initialized but otherwise unused and the PHP script went on to use a separate library and the OpenSSL extension. According to the user, they were using CentOS 7 with OpenSSL 1.0.2k-fips 26 Jan 2017.

Once we obtained a backtrace, it was evident that OpenSSL 1.1 had been linked by some shared libraries loaded in the same PHP process. The PHP driver and libmongoc had evidently been compiled with OpenSSL 1.0.x, which resulted in polyfills for several OpenSSL 1.1 functions being defined:

Because these functions were declared in the global scope, they were inadvertently invoked by the other shared library was was compiled against OpenSSL. I expect the segfault was due to mismatched memory allocation functions (the polyfills use libbson's API).

Although the root of this issue goes beyond libmongoc (linking multiple versions of OpenSSL in the same process is a no-no), the polyfills made the error more difficult to diagnose.

These functions should either be declared statically or renamed/prefixed, as is done for some libbson compat functions.



 Comments   
Comment by Githook User [ 01/Mar/22 ]

Author:

{'name': 'Remi Collet', 'email': 'remi@remirepo.net', 'username': 'remicollet'}

Message: CDRIVER-4297 use static decls for OpenSSL 1.1 polyfills (#946)
Branch: r1.21
https://github.com/mongodb/mongo-c-driver/commit/c2e78b48a0bec5f11ebd2f9f588ba1375b3ea33f

Comment by Githook User [ 16/Feb/22 ]

Author:

{'name': 'Remi Collet', 'email': 'remi@remirepo.net', 'username': 'remicollet'}

Message: CDRIVER-4297 use static decls for OpenSSL 1.1 polyfills (#946)
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/79955086e4761d4a1add449c02bcde5963bce94c

Comment by Jeremy Mikola [ 16/Feb/22 ]

remi submitted a PR: https://github.com/mongodb/mongo-c-driver/pull/946

kevin.albertson: Assigning this to you for review.

Generated at Wed Feb 07 21:20:31 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.