Possible patches for critical segfaults and vulnerabilities available for review in ruby-talk

All currently available official versions of MRI Ruby are either vulnerable, failing with segmentation faults, or change the API in ways that make it impossible to run critical Ruby libraries such as Rails 2.0 and RSpec.

There are currently two unofficial patches submitted by ruby-talk members that seem to fix these problems:

One is a backport of fixes to 1.8.6p111 by Stanislav Sedov and Hongli Lai. The other is a fix to 1.8.6p230 by Smartleaf which reverts a recent patch that's causing segmentation faults. I've attached these files to this ticket.

I've personally confirmed that both of these work as well as the stock 1.8.6p111 in running the Rails 2.0, RSpec 1.1.4, and RubySpec test suites. However, I do not understand the C patches well enough to be able to help with them myself.

Can one of the Ruby maintainers please review these patches and join in the discussion at ruby-talk or the online thread at ?

I'd really like to hear from the core team about this issue as well. We have thousands of ruby1.8.6p114 installs that we cannot update to the official releases since they all segfault. For now we are using the patch against p114 and it seems to work fine for all intents and purposes. But it would really reassure us if the ruby-core could respond and bless one of these patches or tell us what is wrong with them if there are issues.

-Ezra Zygmuntowicz

Updated by igal (Igal Koshevoy) over 14 years ago

Urabe Shyouhei wrote:

Sorry for a late reply but I think I've fixed this issue. Can someone
please try the latest ruby_1_8_6 branch?

I'm delighted to hear from you!

I've checked out the latest source code and ran the test suites of RubySpec, Rails and RSpec on it. The segfaults are gone and I'm able to run Rails applications again. However, many tests are failing in a way that indicates there are either bugs or changes in the API which cause p238 to behave differently than p111.

I've updated the RedMine ticket [] and uploaded the following files:

  1. -- Sample commands I'm running to build Ruby and execute the test suites
  2. logs.tar.gz -- The test suite logs for the various programs

In the logs, the "p111.log" files were created with Ubuntu 8.04's patched Ruby 1.8.6p111, while the "17630.log" files were created with SVN r17630. The best way to work with these log files is to use a modern diff program like "gvimdiff" or "meld" which can detect intra-line changes (a few characters changed within a line), and visually compare them side-by-side. Note that a number of tests fail on both; this is unfortunately normal. What's important is that the same tests pass and fail on both versions. I'll try to make sense of the changes and errors after I get some sleep.

Because the latest SVN version seems to introduce API changes, trying to fix it may be time consuming and stressful.

I urge you to consider reviewing the submitted unofficial patches and making a new release based on a well-known stable version of the code, such as p111 or p114.

I've re-run the test suites, along with some additional ones, against Ruby 1.8.6 SVN 17631 and the results seem promising.

The RubySpec team has been working hard to revise their specs and has eliminated the false positives I reported last time. Many thanks to Federico Builes, Vladimir Sizikov, Arthur Schreiber, Tanaka Akira, and others for the timely effort.

Here are the test suites and their results:

RubySpec [Wed Jul 2 11:27:11 2008 -0500]

  • Module#remove_method fails
  • String#% failures
  • Iconv has many, many failures

Rails 1.2.6

  • Fine!

Rails 2.0.2

  • Fine!

Rails 2.1.0

  • Fine!

Rails tip

  • Hundreds of tests seem to be skipped, haven't figured out why.

RSpec 1.1.4

  • Fine. Although it fails the 'identical HTML' spec, that spec is flaky and shouldn't count.


  • Status changed from Open to Closed
  • % Done changed from 0 to 100

Merged to 1.8.6 branch in the repository, at r17630.


