[SERVER-16739] OpenSSL libcrypto crash Created: 06/Jan/15  Updated: 14/Apr/16  Resolved: 25/Feb/15

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 2.8.0-rc4
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Daniel Alabi Assignee: Spencer Jackson
Resolution: Cannot Reproduce Votes: 0
Labels: 28qa
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: File auth_drop_user.js     HTML File fsm_all.html    
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Security [00-02-20-15]
Participants:

 Description   

One of the FSM-based workloads, auth_drop_user.js, crashed with the following error on the Amazon SSL build.

I've briefly talked to Andreas about this and there's a possibility that we are not using HMAC (in libycrypto) in a thread-safe manner.

mongod(mongo::printStackTrace(std::ostream&) 0x29) [0xf326b9]
 mongod( 0xB31FB2) [0xf31fb2]
 mongod( 0xB322DE) [0xf322de]
 libpthread.so.0( 0xF8E0) [0x7f049a0518e0]
 libc.so.6( 0x8C290) [0x7f0498b6b290]
 libcrypto.so.10( 0x141A57) [0x7f0499b59a57]
 libcrypto.so.10( 0x141B8D) [0x7f0499b59b8d]
 libcrypto.so.10(FIPS_drbg_instantiate 0x1F6) [0x7f0499b5b7c6]
 libcrypto.so.10(RAND_init_fips 0xD1) [0x7f0499ae7771]
 libcrypto.so.10(OPENSSL_init_library 0x27) [0x7f0499a7d627]
 libcrypto.so.10(FIPS_mode 0x9) [0x7f0499a7d579]
 libcrypto.so.10(HMAC_Init_ex 0x37) [0x7f0499a89777]
 libcrypto.so.10(HMAC 0x7F) [0x7f0499a89e5f]
 mongod(mongo::crypto::hmacSha1(unsigned char const*, unsigned long, unsigned char const*, unsigned long, unsigned char*, unsigned int*) 0x3F) [0x8c541f]
 mongod(mongo::scram::generateSaltedPassword(mongo::StringData const&, unsigned char const*, int, int, unsigned char*) 0x71) [0x8c54b1]
 mongod(mongo::scram::generateSecrets(std::string const&, unsigned char const*, unsigned long, unsigned long, unsigned char*, unsigned char*) 0x45) [0x8c55f5]
 mongod(mongo::scram::generateCredentials(std::string const&, int) 0x99) [0x8c5949]
 mongod(mongo::CmdCreateUser::run(mongo::OperationContext*, std::string const&, mongo::BSONObj&, int, std::string&, mongo::BSONObjBuilder&, bool) 0x7AD) [0x9b469d]
 mongod(mongo::_execCommand(mongo::OperationContext*, mongo::Command*, std::string const&, mongo::BSONObj&, int, std::string&, mongo::BSONObjBuilder&, bool) 0x34) [0x9e2314]
 mongod(mongo::Command::execCommand(mongo::OperationContext*, mongo::Command*, int, char const*, mongo::BSONObj&, mongo::BSONObjBuilder&, bool) 0xC13) [0x9e3253]
 mongod(mongo::_runCommands(mongo::OperationContext*, char const*, mongo::BSONObj&, mongo::_BufBuilder<mongo::TrivialAllocator>&, mongo::BSONObjBuilder&, bool, int) 0x28B) [0x9e3d0b]
 mongod(mongo::runQuery(mongo::OperationContext*, mongo::Message&, mongo::QueryMessage&, mongo::CurOp&, mongo::Message&, bool) 0x76A) [0xba0e1a]
 mongod(mongo::assembleResponse(mongo::OperationContext*, mongo::Message&, mongo::DbResponse&, mongo::HostAndPort const&, bool) 0xB25) [0xaba455]
 mongod(mongo::MyMessageHandler::process(mongo::Message&, mongo::AbstractMessagingPort*, mongo::LastError*) 0xE0) [0x8257a0]
 mongod(mongo::PortMessageServer::handleIncomingMsg(void*) 0x411) [0xee68a1]
 libpthread.so.0( 0x7C6B) [0x7f049a049c6b]
 libc.so.6(clone 0x6D) [0x7f0498bc15ed]

see http://buildlogs.mongodb.org/MCI_amazon/builds/516523/test/concurrency_compatibility_WT_0/fsm_all.js



 Comments   
Comment by Spencer Jackson [ 25/Feb/15 ]

As there still hasn't been a clear way of making this failure happen, I am closing it again as cannot reproduce.

Comment by Spencer Jackson [ 21/Jan/15 ]

I've attached the logs of the original issue.

Comment by Spencer Jackson [ 20/Jan/15 ]

I ran the javascript test for several hours with no failures. I am marking this as 'Cannot reproduce'.

Comment by Daniel Pasette (Inactive) [ 07/Jan/15 ]

alabid, has this been repro'd?

Generated at Thu Feb 08 03:42:06 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.