search

oven-sh / bun

Incredibly fast JavaScript runtime, bundler, test runner, and package manager – all in one
https://bun.sh
Other
73.54k stars 2.71k forks source link

Bun crashes when providing serverName on tls config #14333

Open shahriar-shojib opened 2 days ago

shahriar-shojib commented 2 days ago

How can we reproduce the crash?

Bun.serve({
    fetch: (request) => new Response('Welcome to Bun!'),
    port: 3000,
    tls: {
        cert: Bun.file('./certs/fullchain.pem'),
        key: Bun.file('./certs/privkey.pem'),
        serverName: 'somedomain.com'
    }
});

Relevant log output

No response

Stack Trace (bun.report)

Bun v1.1.29 (6d43b36) on macos aarch64 [AutoCommand]

Segmentation fault at address 0x00000178

Features: jsc, Bun.stdin, dotenv, https_server, tsconfig

shahriar-shojib commented 2 days ago

If I do not supply the serverName it works, and it works as expected

Jarred-Sumner commented 2 days ago

Repro: pass an invalid certificate to Bun.serve().

Run the following command:

 openssl req -x509 -newkey rsa:4096 -keyout certs/privkey.pem -out certs/fullchain.pem -days 365 -nodes -subj "/CN=localhost"

Then, change one byte somewhere in the certificate files to something incorrect.

Debug logs:

../../packages/bun-uws/src/App.h:116:56: runtime error: null pointer passed as argument 2, which is declared to never be null
../../packages/bun-usockets/src/libusockets.h:237:53: note: _Nonnull type annotation specified here
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../packages/bun-uws/src/App.h:116:56
../../packages/bun-usockets/src/context.c:218:60: runtime error: null pointer passed as argument 1, which is declared to never be null
../../packages/bun-usockets/src/internal/internal.h:306:5: note: _Nonnull type annotation specified here
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../packages/bun-usockets/src/context.c:218:60
============================================================
Bun Debug v1.1.30 (e74dcc12) macOS Silicon
macOS v14.4.1
Args: "bun-debug" "--smol" "a.js"
Features: https_server jsc
Builtins: "bun:main"
Elapsed: 35ms | User: 32ms | Sys: 17ms
RSS: 96.70MB | Peak: 96.70MB | Commit: 1.07GB | Faults: 75

panic(main thread): Segmentation fault at address 0x178
???:?:?: 0x19ae5f583 in ??? (libsystem_platform.dylib)
???:?:?: 0xc4b000107e9dbb7 in ??? (???)
???:?:?: 0x107e9dbb7 in _SSL_CTX_set_ex_data (???)
../../packages/bun-usockets/src/crypto/openssl.c:1344:12: 0x1023aa5a7 in us_bun_internal_ssl_socket_context_add_server_name (../../packages/bun-usockets/src/crypto/openssl.c)
../../packages/bun-usockets/src/context.c:218:9: 0x1023a0073 in us_bun_socket_context_add_server_name (../../packages/bun-usockets/src/context.c)
../../packages/bun-uws/src/App.h:116:13: 0x102eb0fff in addServerName (../../src/deps/libuwsockets.cpp)
../../src/deps/libuwsockets.cpp:543:15: 0x102eb1147 in uws_add_server_name_with_options (../../src/deps/libuwsockets.cpp)
/Users/jarred/Code/bun/src/deps/uws.zig:3451:52: 0x103fea0db in addServerNameWithOptions (bun-debug)
            return uws_add_server_name_with_options(ssl_flag, @as(*uws_app_t, @ptrCast(app)), hostname_pattern, opts);
                                                   ^
/Users/jarred/Code/bun/src/bun.js/api/server.zig:7096:58: 0x103badbe3 in listen (bun-debug)
                        this.app.addServerNameWithOptions(ssl_config.server_name, ssl_options);
                                                         ^
/Users/jarred/Code/bun/src/bun.js/api/BunObject.zig:3343:26: 0x103ba5bd3 in function (bun-debug)
            server.listen();
                         ^

fish: Job 1, 'bun-debug --smol a.js' terminated by signal SIGTRAP (Trace or breakpoint trap)