Bug 240230 - openssl segfaults if RUN_ONCE fails
Summary: openssl segfaults if RUN_ONCE fails
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-08-31 12:03 UTC by andrew
Modified: 2019-08-31 12:03 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description andrew 2019-08-31 12:03:31 UTC
RAND_get_rand_method returns NULL if RUN_ONCE fails, but none of its callers check for this condition, and so they immediately segfault from deferencing the NULL.

(RUN_ONCE fails if libthr is not in the process, for example because openssl was static-linked without it. This aspect of the issue is the subject of another bug report; but if RUN_ONCE can legitimately fail for any other reason, then this is an independent bug in openssl.)

Affects CURRENT and 12-STABLE, probably not 11 (not checked).