gnutls_rsa_params_export_pkcs1 not thread safe

[Sam Varshavchik]

A long and painful debugging session seems to indicate that the root of my  
problems is that gnutls_rsa_params_export_pkcs1() is not thread safe. I was  
invoking this function with the same gnutls_rsa_params_t, concurrently from  
multiple threads.

The way I'm tracing the logic, my gnutls_params_t gets passed to  
gnutls_x509_privkey_export(), and then to _gnutls_asn1_encode_rsa(). The  
first parameter that _gnutls_asn1_encode_rsa receives is a pointer to the  
"key" member of the structure that gnutls_rsa_params_t points to.

It looks to me that _gnutls_asn1_encode_rsa() ends up writing to the "key"  
member in this fashion. Because I'm exporting gnutls_rsa_params_t  
concurrently from multiple threads, they end up stomping on each other. And,  
when 'key' is already populated, _gnutls_asn1_encode_rsa() attempts to free  
it. That, I believe, is the reason why glibc's is accusing me of double- 
freeing something, and nuking me from high orbit.

Ok, I'll protect the whole thing with my own mutex. Problem solved, I think.  
But, it just bugs me that I had absolutely no clue that  
gnutls_rsa_params_export_pkcs1() could possibly be not thread safe. I missed  
this entirely. I had nothing to suggest that it modifies the  
gnutls_rsa_params_t. I've read the part of the docs that talk about thread  
safety, I declare GCRY_THREAD_OPTION_PTHREAD_IMPL and invoke  
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread), before  
gnutls_global_init(), I thought that I had my bases covered; so I'm  
wondering what else is not thread-safe, and I need to protect it with a  
mutex.

What about gnutls_rsa_params_export_raw()? Is that thread safe? What about  
gnutls_dh_params_export_pkcs3() and gnutls_dh_params_export_raw()?

pgpsua4n8hEJ1.pgp
Description: PGP signature