Subject: Multithreaded SFTP application crash on CRYPTO_free in SUSE SLES12 environment

Multithreaded SFTP application crash on CRYPTO_free in SUSE SLES12 environment

From: Paolo Elefante <paolo.elefante_at_ericsson.com>
Date: Tue, 19 Apr 2016 09:13:28 +0000

Hi there,
I use libssh2 (libssh2-1-1.4.3-16.1.x86_64) to establish SFTP connections in parallel in my multithreaded application running on Linux SUSE.
That code perfectly works on SUSE SLES11, but as I tried to migrate to SLES12 I got a serious crash.

As the application tries to open an SFTP connection, I get a systematic crash on "CRYPTO_free" when invoking 'libssh2_session_handshake'.
I have checked the core dump using symbols and I'm sure that both TCP connection and SSH Session have been established ('libssh2_session_init' is successful).

In detail, libssh2_session_handshake crashes while invoking HMAC_Init_ex, EVP_DigestInit_ex, CRYPTO_free:
#0 0x00007fe3600eb0a7 in raise () from /lib64/libc.so.6
#1 0x00007fe3600ec458 in abort () from /lib64/libc.so.6
#2 0x00007fe360128764 in __libc_message () from /lib64/libc.so.6
#3 0x00007fe36012dfce in malloc_printerr () from /lib64/libc.so.6
#4 0x00007fe361e6b3fd in CRYPTO_free () from /lib64/libcrypto.so.1.0.0
#5 0x00007fe361ef4009 in EVP_DigestInit_ex () from /lib64/libcrypto.so.1.0.0
#6 0x00007fe361e79360 in HMAC_Init_ex () from /lib64/libcrypto.so.1.0.0
#7 0x00007fe36291ee7a in ?? () from /usr/lib64/libssh2.so.1
#8 0x00007fe36292d3e9 in ?? () from /usr/lib64/libssh2.so.1
#9 0x00007fe362924bd3 in libssh2_session_handshake () from /usr/lib64/libssh2.so.1

I have initialized OpenSSL for a multithreaded environment using static locking callbacks. I have also verified that callbacks are triggered by the underlying openssl stratum.
I initialized libssh2 using "libssh2_init(0)"

I guess there's problem in the setup of my environment, but I can't figure it out.

The same code works on SUSE SLES11 where my application linked libcrypto.so.0.9.8 and libssl.so.0.9.8, on the contrary on SLES12 my application is linking libcrypto.so.1.0.0 and libssl.so.1.0.0.

Has anyone experienced this problem or have a suggestion?

Thank you so much for your support.

Best Regards
/Paolo

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2016-04-19