Bug #5062

double free in OpenSSL::Engine

Added by Ippei Obayashi almost 3 years ago. Updated almost 3 years ago.

[ruby-dev:44173]
Status:Closed
Priority:High
Assignee:Martin Bosslet
Category:ext
Target version:1.9.3
ruby -v:ruby 1.9.4dev (2011-07-20 trunk 32586) [x86_64-linux] Backport:

Description

以下のコードを実行すると終了時にglibcがdouble freeを検出して停止します。
require 'openssl'
OpenSSL::Engine.load
OpenSSL::Engine.engines
OpenSSL::Engine.engines
停止時の出力を添付します。

ENGINEgetnextが前に返したengineのref countを下げるのが原因のようで、添付したパッチでとりあえず直ります。

engine_bug.log (5.9 KB) Ippei Obayashi, 07/21/2011 02:49 AM

ossl_engine_doublefree.patch Magnifier (406 Bytes) Ippei Obayashi, 07/21/2011 02:49 AM

Associated revisions

Revision 32604
Added by emboss almost 3 years ago

  • ext/openssl/ossl_engine.c: Avoid double free of ENGINE reference.
  • test/openssl/test_engine.rb: Add a test for it. Thanks to Ippei Obayashi for providing the patch. [ Ruby 1.9 - Bug #5062 ]

History

#1 Updated by Martin Bosslet almost 3 years ago

  • Status changed from Open to Assigned
  • Assignee set to Martin Bosslet
  • Target version set to 1.9.3

Thanks Ippei,

I'll take a look at it!

#2 Updated by Motohiro KOSAKI almost 3 years ago

  • Priority changed from Normal to High

#3 Updated by Anonymous almost 3 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r32604.
Ippei, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • ext/openssl/ossl_engine.c: Avoid double free of ENGINE reference.
  • test/openssl/test_engine.rb: Add a test for it. Thanks to Ippei Obayashi for providing the patch. [ Ruby 1.9 - Bug #5062 ]

Also available in: Atom PDF