Crash handling 3DS2 action

[imhugofonseca]

Summary

Hi, I'm trying to implement the new Standard Integration using 3DS2 in a React Native Module for my application and I've been facing some issues related to the internal SSL library in libStripe3DS2.a. The main issue I'm having conflicts with other SSL libraries installed. In my project I had Firebase/Firestore installed that depended on gRPC + BoringSSL and only after updating my firebase versions is when I managed to resolve the problem.

But now I'm having a crash when handling the 3DS2 action.
In the standard integration using the same API it works but in my React Native App it crashes on STDSSL_OPENSSL_free.

Stack

client-Staging`STDSSL_OPENSSL_free:
    0x108a189f0 <+0>:   pushq  %rbp
    0x108a189f1 <+1>:   movq   %rsp, %rbp
    0x108a189f4 <+4>:   subq   $0x20, %rsp
    0x108a189f8 <+8>:   movq   %rdi, -0x8(%rbp)
    0x108a189fc <+12>:  cmpq   $0x0, -0x8(%rbp)
    0x108a18a01 <+17>:  jne    0x108a18a0c               ; <+28> at mem.c
    0x108a18a07 <+23>:  jmp    0x108a18a5d               ; <+109> at mem.c:128
    0x108a18a0c <+28>:  movl   $0x8, %eax
    0x108a18a11 <+33>:  movl   %eax, %esi
    0x108a18a13 <+35>:  movq   -0x8(%rbp), %rcx
    0x108a18a17 <+39>:  addq   $-0x8, %rcx
    0x108a18a1b <+43>:  movq   %rcx, -0x10(%rbp)
    0x108a18a1f <+47>:  movq   -0x10(%rbp), %rdi
    0x108a18a23 <+51>:  callq  0x108a18a70               ; __asan_unpoison_memory_region at mem.c:79
    0x108a18a28 <+56>:  movq   -0x10(%rbp), %rcx
    0x108a18a2c <+60>:  movq   (%rcx), %rcx
    0x108a18a2f <+63>:  movq   %rcx, -0x18(%rbp)
    0x108a18a33 <+67>:  movq   -0x10(%rbp), %rdi
    0x108a18a37 <+71>:  movq   -0x18(%rbp), %rcx
    0x108a18a3b <+75>:  addq   $0x8, %rcx
    0x108a18a3f <+79>:  movq   %rcx, %rsi
    0x108a18a42 <+82>:  callq  0x108a18a80               ; STDSSL_OPENSSL_cleanse at mem.c:156
    0x108a18a47 <+87>:  xorl   %edx, %edx
    0x108a18a49 <+89>:  movq   -0x10(%rbp), %rdi
    0x108a18a4d <+93>:  movq   -0x18(%rbp), %rcx
    0x108a18a51 <+97>:  addq   $0x8, %rcx
    0x108a18a55 <+101>: movq   %rcx, %rsi
    0x108a18a58 <+104>: callq  0x109d56ea0               ; sdallocx
    0x108a18a5d <+109>: addq   $0x20, %rsp     // Thread 1: EXC_BAD_ACCESS (code=2, address=0x11020cea0)
    0x108a18a61 <+113>: popq   %rbp
    0x108a18a62 <+114>: retq   

Thread 1: EXC_BAD_ACCESS (code=2, address=0x11020cea0)

Facing these conflicts would including BoringSSL outside of stripe as a dependency be an option?

Code to reproduce

I'm using the same code as in the standard integration wrapped in a react native bridged module + examples-ios-backend.

I can provide the module and installed pods if needed.

iOS version

12

Installation method

Cocoapods

SDK version

16.0.5

Other information

Not sure if helpful but wheres the call thread stack.

#0	0x0000000109d56ea0 in sdallocx ()
#1	0x0000000108a18a5d in STDSSL_OPENSSL_free at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/mem.c:127
#2	0x0000000108a18b7c in STDSSL_OPENSSL_realloc at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/mem.c:151
#3	0x0000000108a34d59 in STDSSL_sk_insert at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/stack/stack.c:184
#4	0x0000000108a35434 in STDSSL_sk_push at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/stack/stack.c:321
#5	0x0000000108a39db8 in sk_ASN1_VALUE_push at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/../include/openssl/asn1t.h:855
#6	0x0000000108a39b49 in asn1_template_noexp_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:691
#7	0x0000000108a38e37 in asn1_template_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:603
#8	0x0000000108a3784f in asn1_item_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:218
#9	0x0000000108a37665 in STDSSL_ASN1_item_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:535
#10	0x0000000108a66420 in x509_name_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/x509/x_name.c:223
#11	0x0000000108a37a61 in asn1_item_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:256
#12	0x0000000108a39cb1 in asn1_template_noexp_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:712
#13	0x0000000108a38e37 in asn1_template_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:603
#14	0x0000000108a3837f in asn1_item_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:460
#15	0x0000000108a39cb1 in asn1_template_noexp_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:712
#16	0x0000000108a38e37 in asn1_template_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:603
#17	0x0000000108a3837f in asn1_item_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:460
#18	0x0000000108a37665 in STDSSL_ASN1_item_ex_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:535
#19	0x0000000108a375c5 in STDSSL_ASN1_item_d2i at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/tasn_dec.c:154
#20	0x00000001089913bd in STDSSL_ASN1_item_d2i_bio at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/asn1/a_d2i_fp.c:76
#21	0x0000000108a62c2f in STDSSL_d2i_X509_bio at /Users/davidestes/stripe/stripe-3ds2-ios/build-boringssl/boringssl/build/x86_64/../../crypto/x509/x_all.c:155
#22	0x000000010897dcb4 in +[STDSDirectoryServerCertificate _x509CertificateWithData:] at /Users/davidestes/stripe/stripe-3ds2-ios/Stripe3DS2/Stripe3DS2/Internal/DirectoryServerCertificates/STDSDirectoryServerCertificate.m:450
#23	0x000000010897dc12 in -[STDSDirectoryServerCertificate _x509Certificate] at /Users/davidestes/stripe/stripe-3ds2-ios/Stripe3DS2/Stripe3DS2/Internal/DirectoryServerCertificates/STDSDirectoryServerCertificate.m:428
#24	0x000000010897d326 in +[STDSDirectoryServerCertificate customCertificateWithData:] at /Users/davidestes/stripe/stripe-3ds2-ios/Stripe3DS2/Stripe3DS2/Internal/DirectoryServerCertificates/STDSDirectoryServerCertificate.m:89
#25	0x000000010897d59c in +[STDSDirectoryServerCertificate customCertificateWithString:] at /Users/davidestes/stripe/stripe-3ds2-ios/Stripe3DS2/Stripe3DS2/Internal/DirectoryServerCertificates/STDSDirectoryServerCertificate.m:118
#26	0x000000010898a8e6 in -[STDSThreeDS2Service createTransactionForDirectoryServer:serverKeyID:certificateString:rootCertificateStrings:withProtocolVersion:] at /Users/davidestes/stripe/stripe-3ds2-ios/Stripe3DS2/Stripe3DS2/Public/STDSThreeDS2Service.m:145
#27	0x0000000108913d36 in -[STPPaymentHandler _handleAuthenticationForCurrentAction] at /Users/hugo/Desktop/client-app/ios/Pods/Stripe/Stripe/Payments/STPPaymentHandler.m:434
#28	0x0000000108912186 in -[STPPaymentHandler _handleNextActionForPayment:withAuthenticationContext:returnURL:completion:] at /Users/hugo/Desktop/client-app/ios/Pods/Stripe/Stripe/Payments/STPPaymentHandler.m:296
#29	0x000000010890f846 in __95-[STPPaymentHandler handleNextActionForPayment:withAuthenticationContext:returnURL:completion:]_block_invoke.68 at /Users/hugo/Desktop/client-app/ios/Pods/Stripe/Stripe/Payments/STPPaymentHandler.m:145
#30	0x00000001088b95ce in __81-[STPAPIClient(PaymentIntents) retrievePaymentIntentWithClientSecret:completion:]_block_invoke at /Users/hugo/Desktop/client-app/ios/Pods/Stripe/Stripe/STPAPIClient.m:717
#31	0x00000001088bd2e4 in __67+[STPAPIRequest parseResponse:body:error:deserializers:completion:]_block_invoke_2 at /Users/hugo/Desktop/client-app/ios/Pods/Stripe/Stripe/STPAPIRequest.m:130
#32	0x0000000113d205d1 in _dispatch_call_block_and_release ()
#33	0x0000000113d2163e in _dispatch_client_callout ()
#34	0x0000000113d2e9d6 in _dispatch_main_queue_callback_4CF ()
#35	0x000000011266b7f9 in __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ ()
#36	0x0000000112665e86 in __CFRunLoopRun ()
#37	0x0000000112665221 in CFRunLoopRunSpecific ()
#38	0x0000000117b951dd in GSEventRunModal ()
#39	0x000000011af54115 in UIApplicationMain ()
#40	0x0000000107b88390 in main at /Users/hugo/Desktop/client-app/ios/client/main.m:14
#41	0x000000011173b551 in start ()
#42	0x000000011173b551 in start ()

[davidme-stripe]

Hi @Hugo-Fonseca, thanks for the report. We're looking into this now. Do you see the same issue if you use_frameworks! to your Podfile and rerun pod install?

[imhugofonseca]

@dackerman-stripe Unfortunately I cannot use use_frameworks! because some modules I'm using do not support it but I can set Stripe to build as a static library. I'm still having the same issue but I'm cleaning and rebuilding just to make sure.

[davidme-stripe]

While we look into splitting out the BoringSSL dependency, can you try my branch? It might resolve this crash.

In your Podfile, set pod 'Stripe', :git => 'https://github.com/stripe/stripe-ios.git', :branch => 'davidme/boringssl-more-prefix', then run pod install.

[imhugofonseca]

@dackerman-stripe Works perfectly! Thanks!

[davidme-stripe]

Great, thank you! We’ll get this in the next release.

[davidme-stripe]

Fixed in #1297.

[davidme-stripe]

In v16.0.6, released today.