[SERVER-18661] Add LSAN Suppressions for SSLManager's Constructor Created: 26/May/15  Updated: 18/Jun/15  Resolved: 18/Jun/15

Status: Closed
Project: Core Server
Component/s: Networking, Security
Affects Version/s: 3.1.3
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Robert Guo (Inactive) Assignee: Robert Guo (Inactive)
Resolution: Won't Fix Votes: 0
Labels: 32qa
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
related to SERVER-18662 Refactor SSLManager's Constructor for... Closed
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Security 5 06/26/15
Participants:
Linked BF Score: 0

 Description   

SSL_CTX_use_certificate_chain_file, SSL_CTX_new, PEM_read_bio_X509_AUX and SSL_CTX_set_cipher_list are called from SSLManager's constructor and may leak if the constructor throws.

The exceptions only happen at server/client startup and would terminate the process. Adding LSAN suppressions resolves this issue for now.

There is a separate ticket to document this issue in more detail and will be used to discuss if a more comprehensive fix is necessary.



 Comments   
Comment by Robert Guo (Inactive) [ 26/May/15 ]

The LSAN output doesn't contain any symbols since we're not using the debug build of OpenSSL in evergreen, so there's no way to target the specific functions.

Going to resolve this (for the time being) by disabling the leaking test in LSAN instead.

Generated at Thu Feb 08 03:48:22 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.