-
Type: Bug
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: 1.9.3
-
Component/s: None
-
None
-
Environment:PHP (mongodb, curl, and openssl extensions), OpenSSL 1.0.2m
PHPC-1158 describes a situation where multiple PHP extensions interacting with OpenSSL resulted in a dangling function pointer to libmongoc's thread id callback being left in place. This ultimately produced a segfault during cURL's shutdown routines, which also interacted with OpenSSL and attempted to invoke that callback after libmongoc had already been unloaded (i.e. dlclose()).
This previously came up in CDRIVER-555. The fix (746d250, released in 1.1.2) introduced the logic we see today that checks the locking callback before assigning or unsetting libmongoc's callbacks.
I propose that _mongoc_openssl_thread_cleanup() be improved to clear the locking and id callbacks independently if either is still assigned to the libmongoc function. _mongoc_openssl_thread_startup() can be left as-is and only assign locking and id callbacks if the locking callback is currently unset.
- is depended on by
-
PHPC-1158 Segfault during OpenSSL cleanup routines
- Closed
- is related to
-
CDRIVER-555 Segfault during OpenSSL cleanup routines
- Closed