On St, 2016-10-12 at 08:21 +0000, Petr Pisar wrote:
> On 2016-10-12, Tomas Mraz <tmraz@xxxxxxxxxx> wrote:
> >
> > On St, 2016-10-12 at 08:22 +0200, Nikos Mavrogiannopoulos wrote:
> > >
> > > Was the load using dlopen() or simply an indirect link?
> Both Perl modules were dlopened. Each of the module linked to
> different OpenSSL directly (DT_NEEDED).
>
> >
> > Also what I would expect to crash is situation where the perl
> > modules
> > linked to different OpenSSL versions try to pass the references to
> > OpenSSL data structures across the versions. That certainly won't
> > work.
> >
> Yes. It passed pointers to BIGNUM and EC_KEY between them.
Now that surely won't work. But it should not be common scenario except
for language bindings where various modules using openssl are in
separate packages. I do not know if there are any other such languages
than perl. Usually all the bindings are in a single package or at worst
there are two packages - one for libcrypto bindings and one for libssl.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
