Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Profile credential provider crashes SDK on deallocation #280

Closed
jbelkins opened this issue Aug 30, 2024 · 3 comments
Closed

Profile credential provider crashes SDK on deallocation #280

jbelkins opened this issue Aug 30, 2024 · 3 comments
Labels
bug This issue is a bug. needs-triage This issue or PR still needs to be triaged.

Comments

@jbelkins
Copy link
Contributor

Describe the bug

The AWS SDK for Swift has a profile credential provider that is built with an implementation from this project:
https://github.com/awslabs/aws-sdk-swift/blob/main/Sources/Core/AWSSDKIdentity/Sources/AWSSDKIdentity/AWSCredentialIdentityResolvers/ProfileAWSCredentialIdentityResolver.swift#L61

This credentials provider does resolve credentials successfully from a profile, but when the credentials provider is deallocated, the CRT credentials provider crashes on EXC_BAD_ACCESS here due to the shutdownCallbackOptions.shutdownCallback property being nil:
https://github.com/awslabs/aws-crt-swift/blob/main/Source/AwsCommonRuntimeKit/crt/ShutdownCallbackCore.swift#L61

Here is the Swift snippet that uses the AWSSTS service client to cause the crash:

import AWSSTS
import AWSSDKIdentity

@main
struct GetCallerIdentity {

    static func main() async throws {
        let resolver = try AWSSDKIdentity.ProfileAWSCredentialIdentityResolver(profileName: "donothing")
        let config = try await STSClient.Config(awsCredentialIdentityResolver: resolver)
        let client = STSClient(config: config)
        let input = GetCallerIdentityInput()
        do {
            let output = try await client.getCallerIdentity(input: input)
            let userID = String(describing: output.userId)
            let account = String(describing: output.account)
            print("Request succeeded")
            print("User ID: \(userID)")
            print("Account: \(account)")
        } catch {
            print("Request failed")
            print("Error: \(error)")
        }
    }
}

Here is the ~/.aws/config file, credentials are configured in a separate file:

[default]
region = us-east-1

[profile donothing]
role_arn = arn:aws:iam::1234567890:role/DoNothingRole

Expected Behavior

Credentials provider should deallocate successfully

Current Behavior

Credentials provider crashes as indicated

Reproduction Steps

Run the code above, observe crash after successful profile resolution

Possible Solution

No response

Additional Information/Context

No response

aws-crt-swift version used

0.33.0

Compiler and Version used

Xcode 15.4

Operating System and version

macOS 14.6.1

@jbelkins
Copy link
Contributor Author

jbelkins commented Sep 9, 2024

An aws-sdk-swift customer reported a similar crash, that happens on credential provider deallocation.
awslabs/aws-sdk-swift#1714

Of note, the customer defined a profile that assumes a role, similar to what was done above.

@waahm7
Copy link
Contributor

waahm7 commented Sep 12, 2024

@waahm7 waahm7 closed this as completed Sep 12, 2024
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug This issue is a bug. needs-triage This issue or PR still needs to be triaged.
Projects
None yet
Development

No branches or pull requests

2 participants