[SERVER-18661] Add LSAN Suppressions for SSLManager's Constructor Created: 26/May/15 Updated: 18/Jun/15 Resolved: 18/Jun/15 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Networking, Security |
| Affects Version/s: | 3.1.3 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Robert Guo (Inactive) | Assignee: | Robert Guo (Inactive) |
| Resolution: | Won't Fix | Votes: | 0 |
| Labels: | 32qa | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||
| Operating System: | ALL | ||||||||||||
| Sprint: | Security 5 06/26/15 | ||||||||||||
| Participants: | |||||||||||||
| Linked BF Score: | 0 | ||||||||||||
| Description |
|
SSL_CTX_use_certificate_chain_file, SSL_CTX_new, PEM_read_bio_X509_AUX and SSL_CTX_set_cipher_list are called from SSLManager's constructor and may leak if the constructor throws. The exceptions only happen at server/client startup and would terminate the process. Adding LSAN suppressions resolves this issue for now. There is a separate ticket to document this issue in more detail and will be used to discuss if a more comprehensive fix is necessary. |
| Comments |
| Comment by Robert Guo (Inactive) [ 26/May/15 ] |
|
The LSAN output doesn't contain any symbols since we're not using the debug build of OpenSSL in evergreen, so there's no way to target the specific functions. Going to resolve this (for the time being) by disabling the leaking test in LSAN instead. |