You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kudu.apache.org by da...@apache.org on 2017/02/07 18:59:13 UTC

[3/3] kudu git commit: Fix TSAN segfault on Centos 6

Fix TSAN segfault on Centos 6

The OpenSSL version shipped with Centos 6 appears to segfault if a
nullptr is passed to OBJ_find_sigid_algs with TSAN. I haven't been able
to actually figure out why, I haven't been succesful in finding the
Centos 6 source for OpenSSL, and the version it's based on correctly
checks for null[1]. Attempting to set a breakpoint on the function
yielded no source, even with the debuginfo OpenSSL rpm installed.

[1] https://github.com/openssl/openssl/blob/OpenSSL_1_0_1e/crypto/objects/obj_xref.c#L115

Change-Id: I5ea3ad372f98ff423425858c09cb0977f372b2e5
Reviewed-on: http://gerrit.cloudera.org:8080/5924
Reviewed-by: Todd Lipcon <to...@apache.org>
Tested-by: Kudu Jenkins


Project: http://git-wip-us.apache.org/repos/asf/kudu/repo
Commit: http://git-wip-us.apache.org/repos/asf/kudu/commit/8971bc53
Tree: http://git-wip-us.apache.org/repos/asf/kudu/tree/8971bc53
Diff: http://git-wip-us.apache.org/repos/asf/kudu/diff/8971bc53

Branch: refs/heads/master
Commit: 8971bc53514ac228852bcab971ac6f0320fdd426
Parents: e95c29b
Author: Dan Burkert <da...@apache.org>
Authored: Mon Feb 6 23:56:25 2017 -0800
Committer: Dan Burkert <da...@apache.org>
Committed: Tue Feb 7 18:58:51 2017 +0000

----------------------------------------------------------------------
 src/kudu/security/cert.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/kudu/blob/8971bc53/src/kudu/security/cert.cc
----------------------------------------------------------------------
diff --git a/src/kudu/security/cert.cc b/src/kudu/security/cert.cc
index fa373da..6b7d45c 100644
--- a/src/kudu/security/cert.cc
+++ b/src/kudu/security/cert.cc
@@ -77,7 +77,8 @@ Status Cert::GetServerEndPointChannelBindings(string* channel_bindings) const {
 
   // Retrieve the digest algorithm type.
   int digest_nid;
-  OBJ_find_sigid_algs(signature_nid, &digest_nid, nullptr /* public_key_nid */);
+  int public_key_nid;
+  OBJ_find_sigid_algs(signature_nid, &digest_nid, &public_key_nid);
 
   // RFC 5929: if the certificate's signatureAlgorithm uses no hash functions or
   // uses multiple hash functions, then this channel binding type's channel