Description
When running message_sender_sample from azure-uamqp-c, the process can crash with a segmentation fault during startup, inside OpenSSL configuration cleanup (_CONF_free_data), triggered by a NULL return from OpenSSL APIs.
The crash happens before any AMQP connection is established, during platform_init() → HTTPAPI_Init() → libcurl → OpenSSL initialization.
This indicates missing defensive handling of OpenSSL failure paths during platform / HTTP initialization, resulting in a process crash (DoS).
Environment
- OS: Linux x86_64
- OpenSSL: 1.1.x
- Compiler: gcc 9.x
- Sample: samples/message_sender_sample
Observed Behavior
The process crashes with a segmentation fault inside OpenSSL during configuration cleanup.
Expected Behavior
If OpenSSL initialization or configuration fails (e.g., due to NULL return from internal APIs), the error should be properly detected and propagated as a failure. The process should not crash due to unhandled OpenSSL failure paths.
Analysis
The crash occurs during OpenSSL global initialization, which libcurl triggers inside HTTPAPI_Init(). Because platform_init() eagerly initializes HTTP / TLS components, the OpenSSL configuration is loaded early. When OpenSSL returns NULL in certain config-related paths, the failure is not properly handled, leading to inconsistent OpenSSL internal state and a crash during cleanup. This suggests missing defensive checks or insufficient isolation of OpenSSL initialization failures in the shared utility layer.
    HTTPAPI_RESULT HTTPAPI_Init(void)
    {
        HTTPAPI_RESULT result;
        if (nUsersOfHTTPAPI == 0)
        {
            if (curl_global_init(CURL_GLOBAL_NOTHING) != 0)
            {
                result = HTTPAPI_INIT_FAILED;
                LogError("(result = %" PRI_MU_ENUM ")", MU_ENUM_VALUE(HTTPAPI_RESULT, result));
            }
            else
            {
                nUsersOfHTTPAPI++;
                result = HTTPAPI_OK;
            }
        }
        else
        {
            nUsersOfHTTPAPI++;
            result = HTTPAPI_OK;
        }
        return result;
    }
Impact
- Process crash during startup
- Denial-of-service risk if triggered by malformed certificates or edge-case OpenSSL behavior
- Affects any application using platform_init() / HTTPAPI_Init() even if HTTP functionality is not required
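An added sketch (not code from azure-c-shared-utility or from the reporter) of the isolation the Analysis asks for: platform init leaves TLS alone, the HTTP/TLS backend is initialized on first use, and a failed backend init is returned to the caller without changing the user count. All names (`platform_init_lazy`, `http_acquire`, `http_release`, `tls_backend_init`) are hypothetical, and the two backends are constructed stand-ins for `curl_global_init`.

```c
#include <stddef.h>

/* Hypothetical names throughout; this is not azure-c-shared-utility code. */
typedef enum { INIT_OK = 0, INIT_FAILED = 1 } init_result;
typedef int (*backend_init_fn)(void);    /* returns 0 on success, like curl_global_init */

static backend_init_fn tls_backend_init; /* chosen by the caller (assumption) */
static size_t http_users;                /* callers currently holding the HTTP/TLS stack */
static int platform_ready;

/* Platform init touches nothing TLS-related, so AMQP-only callers never
   reach the OpenSSL configuration load through the HTTP path. */
init_result platform_init_lazy(void)
{
    platform_ready = 1;
    return INIT_OK;
}

/* Called on first HTTP use. The user count only moves on success, so a
   failed backend init leaves no half-initialized state and can be retried. */
init_result http_acquire(void)
{
    if (!platform_ready || tls_backend_init == NULL)
        return INIT_FAILED;
    if (http_users == 0 && tls_backend_init() != 0)
        return INIT_FAILED;
    http_users++;
    return INIT_OK;
}

/* Release is a no-op when nothing was acquired, so cleanup after a failed
   acquire never tears down a backend that never came up. Returns 1 when
   the last user has left and the backend should be torn down. */
int http_release(void)
{
    if (http_users == 0)
        return 0;
    return --http_users == 0;
}

/* Constructed backends for the demonstration. */
static int backend_fails(void) { return -1; }
static int backend_ok(void)    { return 0; }
```

This limits which callers reach the OpenSSL configuration load and keeps the reference count consistent on failure; it does not change what happens inside OpenSSL once that load runs.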