sagebind / isahc

The practical HTTP client that is fun to use.
https://docs.rs/isahc
MIT License

Corrupting the stack at startup in OpenSSL's `provider_conf_init` #434

Closed kvark closed 7 months ago

kvark commented 7 months ago

I'm porting Zed to Linux (https://github.com/zed-industries/zed/pull/7343). It's currently crashing on startup, even before main is entered. Call stacks are corrupted until I build with the "safestack" sanitizer, in which case it produces the following stack: openssl-crash2-stack.txt

Strace shows the configuration file read as the last thing:

```
openat(AT_FDCWD, "/nix/store/l0rxwrg41k3lsdiybf8q0rf3nk430zr8-openssl-3.0.12/etc/ssl/openssl.cnf", O_RDONLY) = 3
newfstatat(3, "", {st_mode=S_IFREG|0444, st_size=12324, ...}, AT_EMPTY_PATH) = 0
read(3, "#\n# OpenSSL example configuratio"..., 4096) = 4096
read(3, "d attributes must be the same, a"..., 4096) = 4096
read(3, "coding of an extension: beware e"..., 4096) = 4096
read(3, " = $insta::certout # insta.cert."..., 4096) = 36
read(3, "", 4096)                       = 0
close(3)                                = 0
futex(0x7f14c78795d8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7f14c787961c, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7f14c7879d7c, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7f14c7879d74, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7f14c78795b8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
```

I believe the callstack is coming from curl, which is coming to Zed through this dependency:

```toml
isahc = { version = "1.7.2", default-features = false, features = ["static-curl", "text-decoding"] }
```

Note: was first submitted to https://github.com/sfackler/rust-openssl/issues/2160

kvark commented 7 months ago

Tried removing both features here - makes no difference, still crashes in the same place.

kvark commented 7 months ago

Based on feedback from "gabydd" in Zed Discord, this issue is likely caused by our erroneous build.rs instructions:

        println!("cargo:rustc-env=MACOSX_DEPLOYMENT_TARGET=10.15.7");

        println!("cargo:rerun-if-env-changed=ZED_BUNDLE");
        if std::env::var("ZED_BUNDLE").ok().as_deref() == Some("true") {
            // Find WebRTC.framework in the Frameworks folder when running as part of an application bundle.
            println!("cargo:rustc-link-arg=-Wl,-rpath,@executable_path/../Frameworks");
        } else {
            // Find WebRTC.framework as a sibling of the executable when running outside of an application bundle.
            println!("cargo:rustc-link-arg=-Wl,-rpath,@executable_path");
        }

        // Weakly link ReplayKit to ensure Zed can be used on macOS 10.15+.
        println!("cargo:rustc-link-arg=-Wl,-weak_framework,ReplayKit");

        // Seems to be required to enable Swift concurrency
        println!("cargo:rustc-link-arg=-Wl,-rpath,/usr/lib/swift");

        // Register exported Objective-C selectors, protocols, etc
        println!("cargo:rustc-link-arg=-Wl,-ObjC");

These aren't supposed to be on with Linux. Closing.
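
Added example, not part of the thread and not Zed's actual change: one way to keep the macOS-only directives quoted above out of a Linux link is to gate them on the target OS that Cargo passes to build scripts. The `directives` helper is hypothetical; the directive strings are the ones from the comment above.

```rust
// build.rs sketch (added example; not code from the isahc or Zed repositories).
use std::env;

/// Cargo directives to emit for a given target.
/// `target_os` is the value of CARGO_CFG_TARGET_OS; `bundle` mirrors ZED_BUNDLE == "true".
/// (Hypothetical helper, split out so the gating can be tested without Cargo.)
fn directives(target_os: &str, bundle: bool) -> Vec<String> {
    let mut out = vec!["cargo:rerun-if-env-changed=ZED_BUNDLE".to_string()];
    if target_os != "macos" {
        // Linux and other targets: emit no Apple linker arguments at all.
        return out;
    }
    out.push("cargo:rustc-env=MACOSX_DEPLOYMENT_TARGET=10.15.7".into());
    // Same rpath choice as the quoted build.rs: bundle vs. sibling of the executable.
    let rpath = if bundle {
        "@executable_path/../Frameworks"
    } else {
        "@executable_path"
    };
    out.push(format!("cargo:rustc-link-arg=-Wl,-rpath,{rpath}"));
    out.push("cargo:rustc-link-arg=-Wl,-weak_framework,ReplayKit".into());
    out.push("cargo:rustc-link-arg=-Wl,-rpath,/usr/lib/swift".into());
    out.push("cargo:rustc-link-arg=-Wl,-ObjC".into());
    out
}

fn main() {
    // CARGO_CFG_TARGET_OS is set by Cargo for build scripts and describes the
    // *target*. cfg!(target_os = "...") inside build.rs describes the host the
    // script was compiled for, which is wrong when cross-compiling.
    let target_os = env::var("CARGO_CFG_TARGET_OS").unwrap_or_default();
    let bundle = env::var("ZED_BUNDLE").ok().as_deref() == Some("true");
    for line in directives(&target_os, bundle) {
        println!("{line}");
    }
}
```
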