Skip to content

Null-guard EVP_AEAD_CTX_cleanup for fork safety with shared memory#3280

Open
WillChilds-Klein wants to merge 6 commits into
aws:mainfrom
WillChilds-Klein:fix/aead-cleanup-null-guard
Open

Null-guard EVP_AEAD_CTX_cleanup for fork safety with shared memory#3280
WillChilds-Klein wants to merge 6 commits into
aws:mainfrom
WillChilds-Klein:fix/aead-cleanup-null-guard

Conversation

@WillChilds-Klein

@WillChilds-Klein WillChilds-Klein commented Jun 1, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Issues:

Resolves #P425555771

Description of changes:

Summary

Applications that use fork() with MAP_SHARED memory for TLS connection state can trigger a SIGSEGV in EVP_AEAD_CTX_cleanup. This occurs because DEFINE_METHOD_FUNCTION lazily initializes AEAD vtables via CRYPTO_once into .bss storage. After fork(), each process has an independent .bss copy. If a child process initializes the vtable (by performing TLS) and stores an EVP_AEAD_CTX in shared memory, the parent process's vtable remains zeroed. When the parent calls EVP_AEAD_CTX_cleanup, it dereferences ctx->aead->cleanup
which is NULL, crashing the process.

Call-outs:

n/a

Testing:

Adds aead_fork_test, an isolated test binary that verifies EVP_AEAD_CTX_cleanup tolerates an uninitialized vtable after fork(). The test is a separate executable (like rand_isolated_test) because it requires that AEAD vtables are NOT initialized before the test runs. The FIPS power-on self-test and other tests in crypto_test trigger vtable initialization as a side effect.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

@WillChilds-Klein
Null-guard EVP_AEAD_CTX_cleanup for fork safety with shared memory
8e96669 
Applications that use fork() with MAP_SHARED memory for TLS connection
state can trigger a SIGSEGV in EVP_AEAD_CTX_cleanup. This occurs because
DEFINE_METHOD_FUNCTION lazily initializes AEAD vtables via CRYPTO_once
into .bss storage. After fork(), each process has an independent .bss
copy. If a child process initializes the vtable (by performing TLS) and
stores an EVP_AEAD_CTX in shared memory, the parent process's vtable
remains zeroed. When the parent calls EVP_AEAD_CTX_cleanup, it
dereferences ctx->aead->cleanup which is NULL, crashing the process.

This commit adds a null-check on ctx->aead->cleanup before calling it.
This is safe because:
- All AES-GCM cleanup functions are no-ops (empty function body)
- aead_chacha20_poly1305_cleanup is also a no-op
- In the cross-process cleanup scenario, skipping cleanup prevents a
  crash with no resource leak (the shared memory pool manages lifetime)

Also adds aead_fork_test, an isolated test binary that verifies
EVP_AEAD_CTX_cleanup tolerates an uninitialized vtable after fork().
github-actions[bot]
github-actions Bot reviewed Jun 1, 2026
View reviewed changes

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

clang-tidy made some suggestions

Comment thread crypto/cipher_extra/aead_fork_test.cc Outdated
Comment thread crypto/cipher_extra/aead_fork_test.cc Outdated
Comment thread crypto/cipher_extra/aead_fork_test.cc Outdated
@codecov-commenter

codecov-commenter commented Jun 1, 2026
edited
Loading

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 56.25000% with 35 lines in your changes missing coverage. Please review.
✅ Project coverage is 78.14%. Comparing base (e537abc) to head (7bb57a4).
⚠️ Report is 11 commits behind head on main.

Files with missing lines Patch % Lines
crypto/cipher_extra/aead_fork_test.cc 55.12% 31 Missing and 4 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3280      +/-   ##
==========================================
- Coverage   78.39%   78.14%   -0.25%     
==========================================
  Files         693      694       +1     
  Lines      123806   123882      +76     
  Branches    17195    17197       +2     
==========================================
- Hits        97060    96813     -247     
- Misses      25826    26147     +321     
- Partials      920      922       +2

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

WillChilds-Klein and others added 3 commits June 3, 2026 13:09
@WillChilds-Klein @github-actions
Update crypto/cipher_extra/aead_fork_test.cc
b3af5c0 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@WillChilds-Klein @github-actions
Update crypto/cipher_extra/aead_fork_test.cc
6caff9c 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@WillChilds-Klein @github-actions
Update crypto/cipher_extra/aead_fork_test.cc
361a885 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@WillChilds-Klein WillChilds-Klein marked this pull request as ready for review June 18, 2026 19:19
@WillChilds-Klein WillChilds-Klein requested a review from a team as a code owner June 18, 2026 19:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@WillChilds-Klein @codecov-commenter