|
From: | Sam Varshavchik |
Subject: | gnutls_rsa_params_export_pkcs1 not thread safe |
Date: | Fri, 01 Jul 2011 23:43:28 -0400 |
The way I'm tracing the logic, my gnutls_params_t gets passed to gnutls_x509_privkey_export(), and then to _gnutls_asn1_encode_rsa(). The first parameter that _gnutls_asn1_encode_rsa receives is a pointer to the "key" member of the structure that gnutls_rsa_params_t points to.
It looks to me that _gnutls_asn1_encode_rsa() ends up writing to the "key" member in this fashion. Because I'm exporting gnutls_rsa_params_t concurrently from multiple threads, they end up stomping on each other. And, when 'key' is already populated, _gnutls_asn1_encode_rsa() attempts to free it. That, I believe, is the reason why glibc's is accusing me of double- freeing something, and nuking me from high orbit.
Ok, I'll protect the whole thing with my own mutex. Problem solved, I think. But, it just bugs me that I had absolutely no clue that gnutls_rsa_params_export_pkcs1() could possibly be not thread safe. I missed this entirely. I had nothing to suggest that it modifies the gnutls_rsa_params_t. I've read the part of the docs that talk about thread safety, I declare GCRY_THREAD_OPTION_PTHREAD_IMPL and invoke gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread), before gnutls_global_init(), I thought that I had my bases covered; so I'm wondering what else is not thread-safe, and I need to protect it with a mutex.
What about gnutls_rsa_params_export_raw()? Is that thread safe? What about gnutls_dh_params_export_pkcs3() and gnutls_dh_params_export_raw()?
pgpsua4n8hEJ1.pgp
Description: PGP signature
[Prev in Thread] | Current Thread | [Next in Thread] |