[New-bugs-announce] [issue29340] SSL destructor segfaults in python3.6 threads when an unverified-cert connection is closed

Nick Sweeting report at bugs.python.org
Sat Jan 21 18:37:20 EST 2017


New submission from Nick Sweeting:

I mistakenly thought this bug was a pyOpenSSL bug, so I reported it there (https://github.com/pyca/pyopenssl/issues/588), but it looks like this is actually a bug in CPython.

See the link for a nicer formatted bug report with more details.

Code to reproduce: https://gist.github.com/pirate/6649314e02384274b29e04364c9d0c16

Crash dump:
https://gist.github.com/pirate/e1485110093d2d9fc49596e6ff481777

Description:
The bug is a segmentation fault when closing several secure websockets from inside concurrent python3.6 threads: 
```pythohn
'python3.6 libssl_bug.py' terminated by signal SIGSEGV (Address boundary error)
```

It does not occur when doing it in a single thread, only when closing multiple threads at once.


```python
threads = []
for _ in range(NUM_THREADS):
    t = SocketThread('wss://echo.websocket.org/', ssl_opt={'cert_reqs': 0})
    t.start()
    threads.append(t)

sleep(4)

for t in threads:
    t.keep_running = False
    t.ws.close()  # libssl segfaults on python3.6 when closing a wss:// connection with cert_reqs=0
    t.join()

```

This is my first python bug report, so apologies if I didn't get the formatting right or if I'm missing some info.

----------
assignee: christian.heimes
components: SSL, macOS
files: libssl_bug.py
messages: 285971
nosy: Nick Sweeting, christian.heimes, ned.deily, ronaldoussoren
priority: normal
severity: normal
status: open
title: SSL destructor segfaults in python3.6 threads when an unverified-cert connection is closed
type: crash
versions: Python 3.6
Added file: http://bugs.python.org/file46375/libssl_bug.py

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue29340>
_______________________________________


More information about the New-bugs-announce mailing list