cURL / Mailing Lists / curl-library / Single Mail

curl-library

BoringSSL crash on Win32

From: Gisle Vanem <gvanem_at_yahoo.no>
Date: Fri, 4 Mar 2016 22:01:32 +0100

I'm built libcurl using BoringSSL (MSVC-2015) but it crashes
for a very good reason. Here is the call-stack (slightly edited):

ucrtbase!_invoke_watson+0x12
ucrtbase!_invalid_parameter+0xab
ucrtbase!_invalid_parameter_noinfo+0xb
ucrtbase!_write+0xf1
bssl_crypto!fd_write(struct bio_st * b = 0x03353820, char * in = 0x041b9c3b "???", int inl = 0n200)+0x17
bssl_crypto!bio_io(struct bio_st * bio = 0x03353820, void * buf = 0x041b9c3b, int len = 0n200,
  unsigned int method_offset = 8, int callback_flags = 0n3, unsigned int * num = 0x03353850)+0x83
bssl_crypto!BIO_write(struct bio_st * bio = 0x03353820, void * in = 0x041b9c3b, int inl = 0n200)+0x1a
bssl_ssl!tls_write_buffer_flush(struct ssl_st * ssl = 0x0333bb58)+0x2c
bssl_ssl!ssl_write_buffer_flush(struct ssl_st * ssl = 0x0333bb58)+0x45
bssl_ssl!ssl3_write_pending(struct ssl_st * ssl = 0x0333bb58, int type = 0n22,
  unsigned char * buf = 0x041b36d0 "???", unsigned int len = 0xc3)+0x38
bssl_ssl!do_ssl3_write(struct ssl_st * ssl = 0x0333bb58, int type = 0n22,
  unsigned char * buf = 0x041b36d0 "???", unsigned int len = 0xc3)+0x129
bssl_ssl!ssl3_write_bytes(struct ssl_st * ssl = 0x0333bb58, int type = 0n22,
  void * buf_ = 0x041b36d0, int len = 0n195)+0xc2
bssl_ssl!ssl3_do_write(struct ssl_st * ssl = 0x0333bb58, int type = 0n22)+0x1c
bssl_ssl!ssl3_handshake_write(struct ssl_st * ssl = 0x0333bb58)+0xb
bssl_ssl!ssl3_send_client_hello(struct ssl_st * ssl = 0x0333bb58)+0x307
bssl_ssl!ssl3_connect(struct ssl_st * ssl = 0x0333bb58)+0x1b4
libcurl!ossl_connect_step2(struct connectdata * conn = 0x0327eaa0, int sockindex = 0n0)+0x60
libcurl!ossl_connect_common(struct connectdata * conn = 0x0327eaa0, int sockindex = 0n0,
  bool nonblocking = true,
  ....

--------------

Dr. Watson triggers because 'write()' in BoringSSL's crypto/bio/fd.c
is given a socket! I see in WinDbg that the socket is 'b->num == 440'.
Who's fault it that?

I'm not able to follow all the details of SSL/TLS in libcurl/BoringSSL, but
I feel a 'BIO_new_socket()' should be used instead somehow to make it call
'send()' in it's method-handler 'sock_write()' (crypto/bio/socket.c).

PS. I've no problem with OpenSSL and MSVC-2015.

-- 
--gv
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:  https://curl.haxx.se/mail/etiquette.html
Received on 2016-03-04