Hi,
I maintain a password auditing utility[1] and have been using libssh2
with it for a while. Unfortunately, I seem to encounter thread safety
issues from time to time within the library. For example, if compiled
with libgcrypt, multi-threaded uses of the library consistently result
in a segfault. Everything appeared to behave as expected using libssh2
compiled with openssl support up through version 1.2.6. Starting with
1.2.7, multi-threaded uses result in segfaults (double frees) such as:

/lib/libc.so.6(+0x72966)[0x7f7d65dc4966]
/lib/libc.so.6(+0x78433)[0x7f7d65dca433]
/lib/libc.so.6(realloc+0xf0)[0x7f7d65dca8d0]
/usr/lib/libcrypto.so.0.9.8(CRYPTO_realloc+0x65)[0x7f7d66c144a5]
/usr/lib/libcrypto.so.0.9.8(lh_insert+0x12b)[0x7f7d66c73e2b]
/usr/lib/libcrypto.so.0.9.8(OBJ_NAME_add+0x6b)[0x7f7d66c16f5b]
/usr/lib/libcrypto.so.0.9.8(OpenSSL_add_all_ciphers+0x4ad)[0x7f7d66c7f3bd]
/usr/lib/libcrypto.so.0.9.8(OPENSSL_add_all_algorithms_noconf+0xe)[0x7f7d66c7eefe]
/usr/local/lib/libssh2.so.1(libssh2_init+0x24)[0x7f7d61c81d3c]
/usr/local/lib/libssh2.so.1(+0x29d9c)[0x7f7d61c81d9c]
/usr/local/lib/libssh2.so.1(libssh2_session_init_ex+0xf8)[0x7f7d61c70fd4]

I'm at a loss for where to start debugging this. It's certainly possible
I've used the library in an incorrect manner, but everything worked fine
prior to 1.2.7 with openssl. I'm open to suggestions on where to start
debugging or what information would be useful to track down the issue.
Thanks,
Joe
[1] http://www.foofus.net/~jmk/medusa/medusa.html
Received on 2010-08-26