[Bug 1921518] Re: OpenSSL "double free" error

Julian Andres Klode 1921518 at bugs.launchpad.net
Thu Nov 11 17:01:55 UTC 2021


So my understanding from #34 and #35 is that this is an upstream OpenSSL
issue that should be discussed with the OpenSSL people.

The feedback in #34 suggests that this problem can be solved by not
parsing the configuration file twice; I have not investigated that as of
yet.

The feedback in #35 suggests a solution for duplicate destruction
handling that requires an API change which is again a discussion best
had with OpenSSL upstream, and something that won't be applicable to
existing releases, only a future OpenSSL version that breaks API.

With regards to possible workarounds with the OpenSSL API as is:

1. I don't fully understand if we get two different ENGINE* pointers. If
that is the case, the PKA engine could work around this by avoiding static
singletons and instead storing all globals in a struct and doing something
like

struct engine_private {
 ENGINE *engine;                               /* the ENGINE* this state belongs to */
 EVP_PKEY_METHOD *engine_pka_pmeth_X25519;
 EVP_PKEY_METHOD *engine_pka_pmeth_X448;
 EVP_PKEY_ASN1_METHOD *engine_pka_ameth_X25519;
 EVP_PKEY_ASN1_METHOD *engine_pka_ameth_X448;
};

keeping a dynamic array or linked list of that, and then looking up the
one for the correct engine when we get asked to return by OpenSSL in
engine_pka_pkey_meths and engine_pka_X25519_keygen().

2. It might also be worth seeing whether those methods could be allocated
statically instead of using _new. From what I see, the deletion then
becomes a no-op, leaving only the variables in destroy() to worry about.
Since they are not really linked to the ENGINE AFAICT, it seems one
could implement a reference count for them.

3. There certainly are ways we could "hack" around the issue by setting
an external setting somewhere when retrieving the pmeth and ameth to say
that the value returned will be invalidated; currently OpenSSL loops
over all pkey meths and does

if (e->pkey_meths(e, &pkm, NULL, pknids[i]))
{
   EVP_PKEY_meth_free(pkm);
}

It could be hacked into something like

setenv("UBUNTU_PKEY_METH_TO_BE_INVALIDATED", "1");
if (e->pkey_meths(e, &pkm, NULL, pknids[i]))
{
   unsetenv("UBUNTU_PKEY_METH_TO_BE_INVALIDATED");
   EVP_PKEY_meth_free(pkm);
}

But this is arguably the worst of all possible workarounds.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1921518
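The following is an added illustration of points 1 and 2 from the comment above; it is not code from this bug thread, from OpenSSL or from the PKA engine. It keeps one `struct engine_private` per ENGINE* in a linked list, looks the state up by engine pointer in the pkey_meths callback, and reference-counts it so that a second bind of the same ENGINE* and a second destroy() cannot lead to a double free. `ENGINE`, `PKEY_METHOD`, `engine_priv_bind`, `engine_priv_pkey_meths`, `engine_priv_destroy` and `engine_priv_count` are stand-ins invented for this example so that it builds without OpenSSL headers; a real engine would hold ENGINE*, EVP_PKEY_METHOD* and EVP_PKEY_ASN1_METHOD* in the same places.

```c
/* Added illustration, not code from the bug thread, OpenSSL or the PKA
 * engine: per-ENGINE state kept in a list and looked up by engine pointer
 * (point 1), reference-counted so a repeated destroy() never frees twice
 * (point 2). ENGINE and PKEY_METHOD are stand-in types so this builds
 * without OpenSSL headers. */
#include <stdlib.h>

typedef struct { int id; } ENGINE;        /* stand-in for OpenSSL ENGINE */
typedef struct { int nid; } PKEY_METHOD;  /* stand-in for EVP_PKEY_METHOD */
#define NID_X25519 1034                   /* same values as OpenSSL obj_mac.h */
#define NID_X448   1035

struct engine_private {
    ENGINE *engine;              /* the ENGINE* this state belongs to */
    PKEY_METHOD *pmeth_X25519;
    PKEY_METHOD *pmeth_X448;
    int refcount;                /* binds minus destroys */
    struct engine_private *next;
};
static struct engine_private *g_engines;  /* replaces the static singletons */

static struct engine_private *priv_lookup(const ENGINE *e)
{
    struct engine_private *p;
    for (p = g_engines; p && p->engine != e; p = p->next)
        ;
    return p;
}

/* bind/init path: a second bind of the same ENGINE* only takes a reference. */
int engine_priv_bind(ENGINE *e)
{
    struct engine_private *p = priv_lookup(e);
    if (p) {                     /* already bound: take another reference */
        p->refcount++;
        return 1;
    }
    if ((p = calloc(1, sizeof *p)) == NULL)
        return 0;
    p->pmeth_X25519 = calloc(1, sizeof *p->pmeth_X25519);
    p->pmeth_X448 = calloc(1, sizeof *p->pmeth_X448);
    if (!p->pmeth_X25519 || !p->pmeth_X448) {
        free(p->pmeth_X25519);
        free(p->pmeth_X448);
        free(p);
        return 0;
    }
    p->pmeth_X25519->nid = NID_X25519;
    p->pmeth_X448->nid = NID_X448;
    p->engine = e;
    p->refcount = 1;
    p->next = g_engines;
    g_engines = p;
    return 1;
}

/* Same contract as an ENGINE pkey_meths callback: pmeth == NULL asks for
 * the nid list, otherwise the method for one nid from this ENGINE*'s state. */
int engine_priv_pkey_meths(ENGINE *e, PKEY_METHOD **pmeth,
                           const int **nids, int nid)
{
    static const int supported[] = { NID_X25519, NID_X448 };
    struct engine_private *p = priv_lookup(e);

    if (pmeth == NULL) {
        *nids = supported;
        return 2;
    }
    *pmeth = NULL;
    if (p && nid == NID_X25519)
        *pmeth = p->pmeth_X25519;
    else if (p && nid == NID_X448)
        *pmeth = p->pmeth_X448;
    return *pmeth != NULL;
}

/* destroy(): drop one reference; free only on the last one, and do nothing
 * for an ENGINE* that is unknown or already destroyed. */
int engine_priv_destroy(ENGINE *e)
{
    struct engine_private **pp = &g_engines, *p;
    while (*pp && (*pp)->engine != e)
        pp = &(*pp)->next;
    if ((p = *pp) == NULL)
        return 0;
    if (--p->refcount > 0)
        return 1;
    *pp = p->next;               /* unlink first, then free exactly once */
    free(p->pmeth_X25519);
    free(p->pmeth_X448);
    free(p);
    return 1;
}

size_t engine_priv_count(void)  /* live entries; 0 once everything is destroyed */
{
    size_t n = 0;
    struct engine_private *p;
    for (p = g_engines; p; p = p->next)
        n++;
    return n;
}
```

Point 2 relies on a property of the real library that the stand-ins above do not model: in OpenSSL 1.1.1, EVP_PKEY_meth_free() only frees a method that carries EVP_PKEY_FLAG_DYNAMIC, so for statically allocated methods the free loop quoted in point 3 really is a no-op, and only the engine's own destroy() path, which the reference count above guards, remains to be kept from freeing twice.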

Title:
  OpenSSL "double free" error

Status in openssl package in Ubuntu:
  Incomplete
Status in openssl source package in Focal:
  Incomplete

Bug description:
  "double free" error is seen when using curl utility. Error is from
  libcrypto.so which is part of the OpenSSL package. This happens only
  when OpenSSL is configured to use a dynamic engine.

  OpenSSL version is 1.1.1f

  The issue is not encountered if
  http://www.openssl.org/source/openssl-1.1.1f.tar.gz is used instead.


  OpenSSL can be configured to use a dynamic engine by editing the default openssl config file which is located at '/etc/ssl/openssl.cnf' on Ubuntu systems.

  On Bluefield systems, the config diff to enable the PKA dynamic engine is as
  below:

  +openssl_conf = conf_section
  +
   # Extra OBJECT IDENTIFIER info:
   #oid_file              = $ENV::HOME/.oid
   oid_section            = new_oids
   
  +[ conf_section ]
  +engines = engine_section
  +
  +[ engine_section ]
  +bf = bf_section
  +
  +[ bf_section ]
  +engine_id=pka
  +dynamic_path=/usr/lib/aarch64-linux-gnu/engines-1.1/pka.so
  +init=0
  +

  engine_id above refers to dynamic engine name/identifier.
  dynamic_path points to the .so file for the dynamic engine.

  # curl -O https://tpo.pe/pathogen.vim

  double free or corruption (out)

  Aborted (core dumped)

