[SERVER-64859] CSFLE: Crash on exit when mongo_csfle_v1_lib instance still alive Created: 24/Mar/22  Updated: 29/Oct/23  Resolved: 31/Mar/22

Status: Closed
Project: Core Server
Component/s: Field Level Encryption
Affects Version/s: 5.3.0-rc4
Fix Version/s: 6.0.0-rc0

Type: Bug Priority: Critical - P2
Reporter: Anna Henningsen Assignee: Sergey Galtsev (Inactive)
Resolution: Fixed Votes: 0
Labels: csfle
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Linux (ubuntu2004 and rhel80), possibly others. Affects at least 5.3.0-rc4 and mongo_csfle_v1-6.0.0-alpha-763-g89c2fbc (current master).


Issue Links:
Backports
Depends
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v5.3
Steps To Reproduce:

The following steps will (at least on Linux) lead to a crash:

  • Load mongo_csfle_v1.so
  • Call mongo_csfle_v1_lib_create()
  • Call exit() (or return from main()).

Small repro program (with attached valgrind output): https://gist.github.com/addaleax/993e80036cf54231f7d65a037e818de6

Sprint: Security 2022-04-04
Participants:

 Description   

The CSFLE shared library runs into the destruction-order counterpart of the static initialization order fiasco when it is still active (i.e. a mongo_csfle_v1_lib instance exists) while the process shuts down.

In particular, this line:

https://github.com/10gen/mongo-enterprise-modules/blob/abe14843df06c8deb4d2ee0e9efade9bbec704ef/src/fle/lib/mongo_csfle.cpp#L293

leads to a call to mongo::runGlobalDeinitializers(), which fails because the global singleton ConstructorActionList has already been destroyed by that point. Touching the destroyed object corrupts memory, and the process crashes with SIGABRT or SIGSEGV.
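The following C++ model makes the ordering problem concrete. It is example code added for this page, not MongoDB's implementation: ActionList, LibHandle and runGlobalDeinitializers() are hypothetical stand-ins for the roles ConstructorActionList, mongo_csfle_v1_lib and mongo::runGlobalDeinitializers() play in the ticket. C++ destroys objects in reverse order of construction completion (for statics at exit exactly as for block-scope objects), so a registry that is first constructed after a library handle already exists is destroyed before that handle; the handle's destructor then calls back into a dead registry. The model adds the liveness check that turns that into a skipped deinit rather than memory corruption, and shows the eager-construction order in which the problem cannot arise.

```cpp
#include <cstdio>
#include <functional>
#include <string>
#include <vector>

// Event log so the teardown order can be inspected after the objects are gone.
static std::vector<std::string> g_trace;

// Hypothetical stand-in for a process-wide list of deinitializer actions
// (the role ConstructorActionList plays in the ticket); not MongoDB code.
struct ActionList;
static ActionList* g_actionList = nullptr;   // null whenever no registry is alive

struct ActionList {
    std::vector<std::function<void()>> deinits;
    ActionList() { g_actionList = this; g_trace.push_back("ActionList constructed"); }
    ~ActionList() { g_actionList = nullptr; g_trace.push_back("ActionList destroyed"); }
};

// Runs the registered deinitializers. Returns false (instead of touching a dead
// object) when the registry has already been destroyed; without this guard the
// loop below would be a use-after-destruction, which is the crash the ticket describes.
bool runGlobalDeinitializers() {
    if (g_actionList == nullptr) {
        g_trace.push_back("deinitializers skipped: registry already destroyed");
        return false;
    }
    for (auto& action : g_actionList->deinits) action();
    g_trace.push_back("deinitializers ran");
    return true;
}

// Hypothetical stand-in for a library handle (the role of mongo_csfle_v1_lib)
// whose destructor tears down the embedded runtime.
struct LibHandle {
    LibHandle() { g_trace.push_back("LibHandle created"); }
    ~LibHandle() {
        g_trace.push_back("LibHandle destroyed");
        runGlobalDeinitializers();
    }
};

// Block scope is used below only so the trace can be returned and checked; the
// reverse-order destruction rule is the same one that applies to statics at exit().

// Buggy order: the handle exists before the registry is first constructed (the
// situation with a lazily created singleton), so the registry dies first and the
// handle's destructor finds it gone.
std::vector<std::string> shutdownWithLazyRegistry() {
    g_trace.clear();
    {
        LibHandle lib;           // constructed first, destroyed last
        ActionList registry;     // constructed later, destroyed first
        registry.deinits.push_back([] { g_trace.push_back("deinit: release runtime"); });
    }
    return g_trace;
}

// Fixed order: the registry finishes construction before any handle, so it outlives
// every handle and the deinitializers run against a live object. Making the registry
// immortal (heap-allocated and never deleted) achieves the same effect.
std::vector<std::string> shutdownWithEagerRegistry() {
    g_trace.clear();
    {
        ActionList registry;
        LibHandle lib;
        registry.deinits.push_back([] { g_trace.push_back("deinit: release runtime"); });
    }
    return g_trace;
}

int main() {
    for (const auto& line : shutdownWithLazyRegistry()) std::printf("lazy:  %s\n", line.c_str());
    for (const auto& line : shutdownWithEagerRegistry()) std::printf("eager: %s\n", line.c_str());
    return 0;
}
```

In the lazy trace the registry's destructor runs before the handle's, and the deinitializers are skipped; in the eager trace the deinitializer action runs and the registry is destroyed last. The real fix in a shared library has to make the same guarantee hold regardless of when the host process first touches the library's globals, which is why an explicit liveness check or a never-destroyed registry is the usual remedy.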



 Comments   
Comment by Githook User [ 31/Mar/22 ]

Author: sergey.galtsev <sergey.galtsev@mongodb.com> (username: brushless-glitch)

Message: SERVER-64859 fix crash-on-exit condition in csfle
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/b3fc965f4381759dec7fbf3f34d26c018838cfff

Comment by Sergey Galtsev (Inactive) [ 30/Mar/22 ]

https://github.com/10gen/mongo-enterprise-modules/pull/442

Comment by Anna Henningsen [ 24/Mar/22 ]

ana.meza jacob.evans Not sure about urgency, but I’m pretty sure it would be a blocker for using the CSFLE library in most environments.

Comment by Ana Meza [ 24/Mar/22 ]

Hi jacob.evans, could you please review this one, as it seems urgent?

Generated at Thu Feb 08 06:01:19 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.