Prevent a crash in GMP_Engine if the library is shutdown and then

reinitialized. It would cache an Allocator pointer on first use,
and then never zero it, so after the reinit the pointer would be going
to a now deallocated Allocator object.

Encountered in the SoftHSM test suite, reported by Ondrej Sury.

Use a simple reference counting scheme to zero the pointer, and reset
the GNU MP memory functions. This also fixes a quite obscure and never
reported bug, that if the GMP engine was used, and if the library was
deinitialized but then the program tried to use GNU MP, the allocator
functions would crash. Now after deinit the allocator funcs revert to the
defaults.

The reference count is not updated atomically so this is not thread safe,
but seems a non-issue; the only time this could happen (especially now that
the GMP engine header is internal-only) is if multiple threads were attempting
to initialize / shutdown the library at once - which won't work anyway for
a variety of reasons, including contention on the (unlocked) global_lib_state
pointer.

If at some point thread safety is useful here, the refcnt can be locked by
a mutex, or kept in an atomic<unsigned int>.

1 files changed, 1 insertions, 0 deletions

diff --git a/doc/log.txt b/doc/log.txt
index 3db4205f3..ef16d85bf 100644
--- a/doc/log.txt
+++ b/doc/log.txt
@@ -7,6 +7,7 @@
  - Add SQLite3 db encryption codec, contributed by Olivier de Gaalon
  - Add a block cipher cascade construction
  - Add support for Win32 high resolution system timers
+ - Fix crash in GMP_Engine if library is shutdown and reinitialized
  - Remove Timer class entirely
  - Switch default PKCS #8 encryption algorithm from 3DES to AES-256
  - New option --gen-amalgamation for creating a SQLite-style amalgamation