Project

General

Profile

Bug #12660

[PATCH] openssl: avoid undefined behavior on empty SSL_write

Added by normalperson (Eric Wong) about 3 years ago. Updated almost 3 years ago.

Status:
Closed
Priority:
Normal
Target version:
-
[ruby-core:76751]

Description

SSL_write(3ssl) manpage has this in the WARNINGS section:

   When calling SSL_write() with num=0 bytes to be sent the
   behaviour is undefined.

And indeed, the new test case demonstrates failures when
empty strings are used. So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.

  • ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior
  • test/openssl/test_pair.rb (test_write_zero): new test

Comments? Will commit in a week or so if no response.


Files

Associated revisions

Revision 7513d546
Added by normal about 3 years ago

openssl: avoid undefined behavior on empty SSL_write

SSL_write(3ssl) manpage has this in the WARNINGS section:

   When calling SSL_write() with num=0 bytes to be sent the
   behaviour is undefined.

And indeed, the new test case demonstrates failures when
empty strings are used. So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.

  • ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior
  • test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55822 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 55822
Added by normalperson (Eric Wong) about 3 years ago

openssl: avoid undefined behavior on empty SSL_write

SSL_write(3ssl) manpage has this in the WARNINGS section:

   When calling SSL_write() with num=0 bytes to be sent the
   behaviour is undefined.

And indeed, the new test case demonstrates failures when
empty strings are used. So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.

  • ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior
  • test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660]

Revision 55822
Added by normal about 3 years ago

openssl: avoid undefined behavior on empty SSL_write

SSL_write(3ssl) manpage has this in the WARNINGS section:

   When calling SSL_write() with num=0 bytes to be sent the
   behaviour is undefined.

And indeed, the new test case demonstrates failures when
empty strings are used. So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.

  • ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior
  • test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660]

Revision 55822
Added by normal about 3 years ago

openssl: avoid undefined behavior on empty SSL_write

SSL_write(3ssl) manpage has this in the WARNINGS section:

   When calling SSL_write() with num=0 bytes to be sent the
   behaviour is undefined.

And indeed, the new test case demonstrates failures when
empty strings are used. So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.

  • ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior
  • test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660]

Revision 55822
Added by normal about 3 years ago

openssl: avoid undefined behavior on empty SSL_write

SSL_write(3ssl) manpage has this in the WARNINGS section:

   When calling SSL_write() with num=0 bytes to be sent the
   behaviour is undefined.

And indeed, the new test case demonstrates failures when
empty strings are used. So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.

  • ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior
  • test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660]

Revision a9e98cf7
Added by nagachika (Tomoyuki Chikanaga) about 3 years ago

merge revision(s) 55822: [Backport #12660]

    * ext/openssl/ossl_ssl.c (ossl_ssl_write_internal):
      avoid undefined behavior

    * test/openssl/test_pair.rb (test_write_zero): new test
      [ruby-core:76751] [Bug #12660]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@55961 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 55961
Added by nagachika (Tomoyuki Chikanaga) about 3 years ago

merge revision(s) 55822: [Backport #12660]

* ext/openssl/ossl_ssl.c (ossl_ssl_write_internal):
  avoid undefined behavior

* test/openssl/test_pair.rb (test_write_zero): new test
  [ruby-core:76751] [Bug #12660]

Revision c880452b
Added by usa (Usaku NAKAMURA) almost 3 years ago

merge revision(s) 55822: [Backport #12660]

    * ext/openssl/ossl_ssl.c (ossl_ssl_write_internal):
      avoid undefined behavior

    * test/openssl/test_pair.rb (test_write_zero): new test
      [ruby-core:76751] [Bug #12660]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@56300 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 56300
Added by usa (Usaku NAKAMURA) almost 3 years ago

merge revision(s) 55822: [Backport #12660]

* ext/openssl/ossl_ssl.c (ossl_ssl_write_internal):
  avoid undefined behavior

* test/openssl/test_pair.rb (test_write_zero): new test
  [ruby-core:76751] [Bug #12660]

History

Updated by rhenium (Kazuki Yamaguchi) about 3 years ago

Thanks! Looks fine to me. Please commit.

#2

Updated by Anonymous about 3 years ago

  • Status changed from Open to Closed

Applied in changeset r55822.


openssl: avoid undefined behavior on empty SSL_write

SSL_write(3ssl) manpage has this in the WARNINGS section:

   When calling SSL_write() with num=0 bytes to be sent the
   behaviour is undefined.

And indeed, the new test case demonstrates failures when
empty strings are used. So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.

  • ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior
  • test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660]

Updated by normalperson (Eric Wong) about 3 years ago

k@rhe.jp wrote:

Thanks! Looks fine to me. Please commit.

Thanks for quick review :> r55822

Updated by nagachika (Tomoyuki Chikanaga) about 3 years ago

  • Backport changed from 2.1: REQUIRED, 2.2: REQUIRED, 2.3: REQUIRED to 2.1: REQUIRED, 2.2: REQUIRED, 2.3: DONE

ruby_2_3 r55961 merged revision(s) 55822.

Updated by usa (Usaku NAKAMURA) almost 3 years ago

  • Backport changed from 2.1: REQUIRED, 2.2: REQUIRED, 2.3: DONE to 2.1: REQUIRED, 2.2: DONE, 2.3: DONE

ruby_2_2 r56300 merged revision(s) 55822.

Also available in: Atom PDF