| Subject: | Segfault with blocking(1) and closed connection |
Heya,
I've discovered a complicated bug in OpenSSL/Net::SSLeay, which
results in a segfault. I've only managed a testcase using
IO::Socket::SSL, but the segfault is in the bowels of the SSL code. It
has the additional "exciting" complication that the segfault goes away
if you crank $Net::SSLeay::trace up to 4 or higher, and resolves itself
to a simple SIGPIPE.
Attached is also what I believe to be the correct fix: checking $! as
well as the SSL error codes. It solves the segfault, at least.
- Alex
| Subject: | ssl-segfault.patch |
diff -ru Net-SSLeay-1.32-60qud5/lib/Net/SSLeay.pm Net-SSLeay-1.32-20fywK/lib/Net/SSLeay.pm
--- Net-SSLeay-1.32-60qud5/lib/Net/SSLeay.pm 2007-09-03 17:09:59.000000000 -0400
+++ Net-SSLeay-1.32-20fywK/lib/Net/SSLeay.pm 2007-11-16 13:55:53.000000000 -0500
@@ -1730,7 +1730,7 @@
warn " written so far $wrote:$written bytes (VM=$vm)\n" if $trace>2;
$errs .= print_errs('SSL_write');
- return (wantarray ? (undef, $errs) : undef) if $errs;
+ return (wantarray ? (undef, $errs) : undef) if $errs or $!;
}
return wantarray ? ($written, $errs) : $written;
}
| Subject: | crash-server.pl |
use strict;
use warnings;
use IO::Socket::SSL;
my $listen = IO::Socket::SSL->new(
Listen => 1,
LocalPort => 4243,
ReuseAddr => 1
);
print "Listening\n";
my $talk = $listen->accept;
print "Connected\n";
print "Got: ".$talk->getline;
$talk->print("Response\n");
print "Got: ".$talk->getline;
print "Sleeping\n";
sleep 5;
$SIG{PIPE} = sub {warn "SIGPIPE; closing\n"; $talk->close;};
print "About to respond\n";
$talk->blocking(1);
$talk->print("Aaaaah!\n") or die "Can't write: $!";
$talk->close;
print "Done.\n";
| Subject: | crash-client.pl |
use strict;
use warnings;
use IO::Socket::SSL;
print "Connecting\n";
my $talk = IO::Socket::SSL->new(
PeerPort => 4243,
PeerHost => "localhost",
) or die "Can't create connection\n";
$talk->print("Hello!\nOther thing\n");
print "Sleeping\n";
sleep 2;
print "Closing\n";
$talk->close;
print "Done.\n";