Skip to content

Comments

Fix crash on encrypted TLS key usage under MSan #94182

Merged
thevar1able merged 5 commits intomasterfrom
fix-msan-in-openssl-p12_decr
Jan 20, 2026
Merged

Fix crash on encrypted TLS key usage under MSan #94182
thevar1able merged 5 commits intomasterfrom
fix-msan-in-openssl-p12_decr

Conversation

@thevar1able
Copy link
Member

@thevar1able thevar1able commented Jan 14, 2026
edited
Loading

Changelog category (leave one):

  • Improvement

Changelog entry (a user-readable short description of the changes that goes into CHANGELOG.md):

Fix uninitialized memory access when password protected TLS key is used.

@thevar1able thevar1able linked an issue Jan 14, 2026 that may be closed by this pull request
MSAN: Crash When Enabling SSL with Passphrase-Protected Server Key #83380
Closed
@clickhouse-gh
Copy link
Contributor

clickhouse-gh bot commented Jan 14, 2026
edited by thevar1able
Loading

Workflow [PR], commit [739518b]

Summary:

job_name test_name status info comment
BuzzHouse (amd_debug) failure
Logical error: 'Inconsistent AST formatting: the query: (STID: 1941-1bfa) FAIL cidb, issue ISSUE EXISTS

@clickhouse-gh clickhouse-gh bot added pr-critical-bugfix submodule changed At least one submodule changed in this PR. pr-must-backport Pull request should be backported intentionally. Use this label with great care! labels Jan 14, 2026
@rschu1ze rschu1ze mentioned this pull request Jan 14, 2026
Merged
@rschu1ze rschu1ze self-assigned this Jan 14, 2026
@thevar1able thevar1able marked this pull request as ready for review January 15, 2026 18:00
@alexey-milovidov
Copy link
Member

alexey-milovidov commented Jan 18, 2026

It tells that no new tests are added. Either add a test or mark this as not a bugfix.

@thevar1able thevar1able marked this pull request as draft January 19, 2026 14:50
@thevar1able
Copy link
Member Author

thevar1able commented Jan 19, 2026
edited
Loading

I was wondering why test_reload_certificate didn't catch it, as it does exactly the necessary thing to trigger this issue; TIL we don't run integration tests with MSan.

I want to try using password protected certificates in stateless tests, but if it breaks too much stuff I'll change the changelog category.

@clickhouse-gh clickhouse-gh bot added pr-improvement Pull request with some product improvements and removed pr-critical-bugfix labels Jan 19, 2026
@thevar1able thevar1able removed the pr-must-backport Pull request should be backported intentionally. Use this label with great care! label Jan 19, 2026
@thevar1able thevar1able marked this pull request as ready for review January 19, 2026 16:05
@thevar1able thevar1able added this pull request to the merge queue Jan 20, 2026
Merged via the queue into master with commit 7da8015 Jan 20, 2026
130 of 132 checks passed
@thevar1able thevar1able deleted the fix-msan-in-openssl-p12_decr branch January 20, 2026 13:45
@robot-ch-test-poll1 robot-ch-test-poll1 added the pr-synced-to-cloud The PR is synced to the cloud repo label Jan 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rschu1ze rschu1ze rschu1ze approved these changes

Assignees

@rschu1ze rschu1ze

Labels

pr-improvement Pull request with some product improvements pr-synced-to-cloud The PR is synced to the cloud repo submodule changed At least one submodule changed in this PR.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

MSAN: Crash When Enabling SSL with Passphrase-Protected Server Key

4 participants

@thevar1able @alexey-milovidov @rschu1ze @robot-ch-test-poll1