Bug #5363

OpenSSL::ASN1.decode_all の引数に PEM 形式の証明書を指定すると Segmentation fault が発生する

Added by Hiroshi Yoshida over 2 years ago. Updated over 2 years ago.

[ruby-dev:44542]
Status:Closed
Priority:Normal
Assignee:Martin Bosslet
Category:ext
Target version:1.9.3
ruby -v:- Backport:

Description

Ruby 1.9.3 rc1 で OpenSSL::ASN1.decode_all の引数に PEM 形式の証明書を指定すると Segmentation fault が発生します。

== 環境

Ubuntu 11.04 64-bit
ruby 1.9.3dev (2011-09-23 revision 33323) [x86_64-linux]

== 再現コード

# -- coding: utf-8 --
require 'openssl'

puts RUBYDESCRIPTION
puts OpenSSL::OPENSSL
VERSION

pem =<<-EOF
-----BEGIN CERTIFICATE-----
MIICIDCCAYmgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJKUDEO
MAwGA1UECAwFVG9reW8xDTALBgNVBAcMBENodW8xCjAIBgNVBAoMAU8xCzAJBgNV
BAMMAkNBMB4XDTEwMDkyMDE1MDAwMFoXDTExMDgyMDE1MDAwMFowRTELMAkGA1UE
BhMCSlAxDjAMBgNVBAgMBVRva3lvMQ0wCwYDVQQHDARDaHVvMQowCAYDVQQKDAFP
MQswCQYDVQQDDAJDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvhBlVyo6
NnJCqnUcz3RgDeBSJ2SdW6WHK/b4tsplMwLjAEtEieSHeFtODVcyjDDzyXVBfA4+
LaIFBtLB34NHCT4Hza7YeLbURTewLQYgcRc6u/GhrhAQRS+dBVrxFsj0VsH2C4cC
qM2XSEclBrZGBBpmmqFm6eu8324YCqpAWLMCAwEAH6MgMB4wDwYDVR0TAQH/BAUw
AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEFBQADgYEACkYGYtUozBEO2J00
o2yFFRgs47BZboHRcuyOOJp5Ku99u5tkFDdIiqb327QLmU4NHUTWPT3o63hf/J7S
2iyfG6NVTLgT3U9DTC2yI24uspEd4sz+Vmz60LDil2QABm6tRc68BJemSX1nNr7V
jifehALJCTPKL52Y/4d1YbrZBwA=
-----END CERTIFICATE-----
EOF

OpenSSL::ASN1.decode_all(pem)

== 実行時の結果

example.rb は上記の再現コード

$ /opt/local/ruby/1.9.3/rc1/bin/ruby example.rb
ruby 1.9.3dev (2011-09-23 revision 33323) [x8664-linux]
OpenSSL 1.0.0e 6 Sep 2011
example.rb:24: [BUG] Segmentation fault
ruby 1.9.3dev (2011-09-23 revision 33323) [x86
64-linux]

-- Control frame information -----------------------------------------------
c:0004 p:---- s:0011 b:0011 l:000010 d:000010 CFUNC :decode_all
c:0003 p:0075 s:0007 b:0007 l:0014f8 d:0017e0 EVAL example.rb:24
c:0002 p:---- s:0004 b:0004 l:000003 d:000003 FINISH
c:0001 p:0000 s:0002 b:0002 l:0014f8 d:0014f8 TOP

-- Ruby level backtrace information ----------------------------------------
example.rb:24:in <main>'
example.rb:24:in
decode_all'

-- C level backtrace information -------------------------------------------
/opt/local/ruby/1.9.3/rc1/bin/ruby() [0x52a5e7] vmdump.c:796
/opt/local/ruby/1.9.3/rc1/bin/ruby() [0x577988] error.c:258
/opt/local/ruby/1.9.3/rc1/bin/ruby(rb
bug+0xb1) [0x578df1] error.c:277
/opt/local/ruby/1.9.3/rc1/bin/ruby() [0x4ba328] signal.c:609
/lib/x8664-linux-gnu/libpthread.so.0(+0xfc60) [0x7fc8c1c56c60]
/opt/local/ruby/1.9.3/rc1/lib/ruby/site
ruby/1.9.1/x8664-linux/openssl.so(+0x1c63d) [0x7fc8c060563d] osslasn1.c:882
/opt/local/ruby/1.9.3/rc1/lib/ruby/siteruby/1.9.1/x8664-linux/openssl.so(+0x1c2ba) [0x7fc8c06052ba] ossl_asn1.c:866

-- Other runtime information -----------------------------------------------

  • Loaded script: example.rb

  • Loaded features:

    0 enumerator.so
    1 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/enc/encdb.so
    2 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/enc/trans/transdb.so
    3 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/rubygems/defaults.rb
    4 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/rbconfig.rb
    5 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/rubygems/deprecate.rb
    6 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/rubygems/exceptions.rb
    7 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/rubygems/custom
    require.rb
    8 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/rubygems.rb
    9 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/digest.so
    10 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/digest.rb
    11 /opt/local/ruby/1.9.3/rc1/lib/ruby/site
    ruby/1.9.1/x8664-linux/openssl.so
    12 /opt/local/ruby/1.9.3/rc1/lib/ruby/site
    ruby/1.9.1/openssl/bn.rb
    13 /opt/local/ruby/1.9.3/rc1/lib/ruby/siteruby/1.9.1/openssl/cipher.rb
    14 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/stringio.so
    15 /opt/local/ruby/1.9.3/rc1/lib/ruby/siteruby/1.9.1/openssl/config.rb
    16 /opt/local/ruby/1.9.3/rc1/lib/ruby/site
    ruby/1.9.1/openssl/digest.rb
    17 /opt/local/ruby/1.9.3/rc1/lib/ruby/siteruby/1.9.1/openssl/buffering.rb
    18 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/fcntl.so
    19 /opt/local/ruby/1.9.3/rc1/lib/ruby/siteruby/1.9.1/openssl/ssl-internal.rb
    20 /opt/local/ruby/1.9.3/rc1/lib/ruby/site
    ruby/1.9.1/openssl/x509-internal.rb
    21 /opt/local/ruby/1.9.3/rc1/lib/ruby/site_ruby/1.9.1/openssl.rb

  • Process memory map:

    00400000-0062b000 r-xp 00000000 fb:00 8793890 /opt/local/ruby/1.9.3/rc1/bin/ruby
    0082b000-0082c000 r--p 0022b000 fb:00 8793890 /opt/local/ruby/1.9.3/rc1/bin/ruby
    0082c000-0082e000 rw-p 0022c000 fb:00 8793890 /opt/local/ruby/1.9.3/rc1/bin/ruby
    0082e000-0084b000 rw-p 00000000 00:00 0
    011aa000-01534000 rw-p 00000000 00:00 0 [heap]
    7fc8bf7b3000-7fc8bf7c8000 r-xp 00000000 fb:00 7864364 /lib/x8664-linux-gnu/libgccs.so.1
    7fc8bf7c8000-7fc8bf9c7000 ---p 00015000 fb:00 7864364 /lib/x8664-linux-gnu/libgccs.so.1
    7fc8bf9c7000-7fc8bf9c8000 r--p 00014000 fb:00 7864364 /lib/x8664-linux-gnu/libgccs.so.1
    7fc8bf9c8000-7fc8bf9c9000 rw-p 00015000 fb:00 7864364 /lib/x8664-linux-gnu/libgccs.so.1
    7fc8bf9c9000-7fc8bf9ca000 r-xp 00000000 fb:00 8793987 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/fcntl.so
    7fc8bf9ca000-7fc8bfbc9000 ---p 00001000 fb:00 8793987 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/fcntl.so
    7fc8bfbc9000-7fc8bfbca000 r--p 00000000 fb:00 8793987 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/fcntl.so
    7fc8bfbca000-7fc8bfbcb000 rw-p 00001000 fb:00 8793987 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/fcntl.so
    7fc8bfbcb000-7fc8bfbd2000 r-xp 00000000 fb:00 8793977 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/stringio.so
    7fc8bfbd2000-7fc8bfdd1000 ---p 00007000 fb:00 8793977 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/stringio.so
    7fc8bfdd1000-7fc8bfdd2000 r--p 00006000 fb:00 8793977 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/stringio.so
    7fc8bfdd2000-7fc8bfdd3000 rw-p 00007000 fb:00 8793977 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/stringio.so
    7fc8bfdd3000-7fc8bfdd6000 r-xp 00000000 fb:00 8793989 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/digest.so
    7fc8bfdd6000-7fc8bffd6000 ---p 00003000 fb:00 8793989 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/digest.so
    7fc8bffd6000-7fc8bffd7000 r--p 00003000 fb:00 8793989 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/digest.so
    7fc8bffd7000-7fc8bffd8000 rw-p 00004000 fb:00 8793989 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/digest.so
    7fc8bffd8000-7fc8c0166000 r-xp 00000000 fb:00 8915953 /opt/local/openssl/1.0.0e/lib/libcrypto.so.1.0.0
    7fc8c0166000-7fc8c0366000 ---p 0018e000 fb:00 8915953 /opt/local/openssl/1.0.0e/lib/libcrypto.so.1.0.0
    7fc8c0366000-7fc8c037f000 r--p 0018e000 fb:00 8915953 /opt/local/openssl/1.0.0e/lib/libcrypto.so.1.0.0
    7fc8c037f000-7fc8c0389000 rw-p 001a7000 fb:00 8915953 /opt/local/openssl/1.0.0e/lib/libcrypto.so.1.0.0
    7fc8c0389000-7fc8c038d000 rw-p 00000000 00:00 0
    7fc8c038d000-7fc8c03e1000 r-xp 00000000 fb:00 8915956 /opt/local/openssl/1.0.0e/lib/libssl.so.1.0.0
    7fc8c03e1000-7fc8c05e1000 ---p 00054000 fb:00 8915956 /opt/local/openssl/1.0.0e/lib/libssl.so.1.0.0
    7fc8c05e1000-7fc8c05e4000 r--p 00054000 fb:00 8915956 /opt/local/openssl/1.0.0e/lib/libssl.so.1.0.0
    7fc8c05e4000-7fc8c05e9000 rw-p 00057000 fb:00 8915956 /opt/local/openssl/1.0.0e/lib/libssl.so.1.0.0
    7fc8c05e9000-7fc8c0635000 r-xp 00000000 fb:00 8796840 /opt/local/ruby/1.9.3/rc1/lib/ruby/siteruby/1.9.1/x8664-linux/openssl.so
    7fc8c0635000-7fc8c0835000 ---p 0004c000 fb:00 8796840 /opt/local/ruby/1.9.3/rc1/lib/ruby/siteruby/1.9.1/x8664-linux/openssl.so
    7fc8c0835000-7fc8c0836000 r--p 0004c000 fb:00 8796840 /opt/local/ruby/1.9.3/rc1/lib/ruby/siteruby/1.9.1/x8664-linux/openssl.so
    7fc8c0836000-7fc8c0838000 rw-p 0004d000 fb:00 8796840 /opt/local/ruby/1.9.3/rc1/lib/ruby/siteruby/1.9.1/x8664-linux/openssl.so
    7fc8c0838000-7fc8c0839000 rw-p 00000000 00:00 0
    7fc8c0839000-7fc8c083b000 r-xp 00000000 fb:00 8793940 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/enc/trans/transdb.so
    7fc8c083b000-7fc8c0a3b000 ---p 00002000 fb:00 8793940 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/enc/trans/transdb.so
    7fc8c0a3b000-7fc8c0a3c000 r--p 00002000 fb:00 8793940 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/enc/trans/transdb.so
    7fc8c0a3c000-7fc8c0a3d000 rw-p 00003000 fb:00 8793940 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/enc/trans/transdb.so
    7fc8c0a3d000-7fc8c0a3f000 r-xp 00000000 fb:00 8793956 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/enc/encdb.so
    7fc8c0a3f000-7fc8c0c3e000 ---p 00002000 fb:00 8793956 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/enc/encdb.so
    7fc8c0c3e000-7fc8c0c3f000 r--p 00001000 fb:00 8793956 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x8664-linux/enc/encdb.so
    7fc8c0c3f000-7fc8c0c40000 rw-p 00002000 fb:00 8793956 /opt/local/ruby/1.9.3/rc1/lib/ruby/1.9.1/x86
    64-linux/enc/encdb.so
    7fc8c0c40000-7fc8c0c41000 ---p 00000000 00:00 0
    7fc8c0c41000-7fc8c0d45000 rw-p 00000000 00:00 0
    7fc8c0d45000-7fc8c0fe9000 r--p 00000000 fb:00 5248223 /usr/lib/locale/locale-archive
    7fc8c0fe9000-7fc8c1173000 r-xp 00000000 fb:00 7864339 /lib/x8664-linux-gnu/libc-2.13.so
    7fc8c1173000-7fc8c1372000 ---p 0018a000 fb:00 7864339 /lib/x86
    64-linux-gnu/libc-2.13.so
    7fc8c1372000-7fc8c1376000 r--p 00189000 fb:00 7864339 /lib/x8664-linux-gnu/libc-2.13.so
    7fc8c1376000-7fc8c1377000 rw-p 0018d000 fb:00 7864339 /lib/x86
    64-linux-gnu/libc-2.13.so
    7fc8c1377000-7fc8c137d000 rw-p 00000000 00:00 0
    7fc8c137d000-7fc8c1401000 r-xp 00000000 fb:00 7864347 /lib/x8664-linux-gnu/libm-2.13.so
    7fc8c1401000-7fc8c1600000 ---p 00084000 fb:00 7864347 /lib/x86
    64-linux-gnu/libm-2.13.so
    7fc8c1600000-7fc8c1601000 r--p 00083000 fb:00 7864347 /lib/x8664-linux-gnu/libm-2.13.so
    7fc8c1601000-7fc8c1602000 rw-p 00084000 fb:00 7864347 /lib/x86
    64-linux-gnu/libm-2.13.so
    7fc8c1602000-7fc8c160b000 r-xp 00000000 fb:00 7864345 /lib/x8664-linux-gnu/libcrypt-2.13.so
    7fc8c160b000-7fc8c180b000 ---p 00009000 fb:00 7864345 /lib/x86
    64-linux-gnu/libcrypt-2.13.so
    7fc8c180b000-7fc8c180c000 r--p 00009000 fb:00 7864345 /lib/x8664-linux-gnu/libcrypt-2.13.so
    7fc8c180c000-7fc8c180d000 rw-p 0000a000 fb:00 7864345 /lib/x86
    64-linux-gnu/libcrypt-2.13.so
    7fc8c180d000-7fc8c183b000 rw-p 00000000 00:00 0
    7fc8c183b000-7fc8c183d000 r-xp 00000000 fb:00 7864346 /lib/x8664-linux-gnu/libdl-2.13.so
    7fc8c183d000-7fc8c1a3d000 ---p 00002000 fb:00 7864346 /lib/x86
    64-linux-gnu/libdl-2.13.so
    7fc8c1a3d000-7fc8c1a3e000 r--p 00002000 fb:00 7864346 /lib/x8664-linux-gnu/libdl-2.13.so
    7fc8c1a3e000-7fc8c1a3f000 rw-p 00003000 fb:00 7864346 /lib/x86
    64-linux-gnu/libdl-2.13.so
    7fc8c1a3f000-7fc8c1a46000 r-xp 00000000 fb:00 7864359 /lib/x8664-linux-gnu/librt-2.13.so
    7fc8c1a46000-7fc8c1c45000 ---p 00007000 fb:00 7864359 /lib/x86
    64-linux-gnu/librt-2.13.so
    7fc8c1c45000-7fc8c1c46000 r--p 00006000 fb:00 7864359 /lib/x8664-linux-gnu/librt-2.13.so
    7fc8c1c46000-7fc8c1c47000 rw-p 00007000 fb:00 7864359 /lib/x86
    64-linux-gnu/librt-2.13.so
    7fc8c1c47000-7fc8c1c5f000 r-xp 00000000 fb:00 7864357 /lib/x8664-linux-gnu/libpthread-2.13.so
    7fc8c1c5f000-7fc8c1e5f000 ---p 00018000 fb:00 7864357 /lib/x86
    64-linux-gnu/libpthread-2.13.so
    7fc8c1e5f000-7fc8c1e60000 r--p 00018000 fb:00 7864357 /lib/x8664-linux-gnu/libpthread-2.13.so
    7fc8c1e60000-7fc8c1e61000 rw-p 00019000 fb:00 7864357 /lib/x86
    64-linux-gnu/libpthread-2.13.so
    7fc8c1e61000-7fc8c1e65000 rw-p 00000000 00:00 0
    7fc8c1e65000-7fc8c1e86000 r-xp 00000000 fb:00 7864336 /lib/x8664-linux-gnu/ld-2.13.so
    7fc8c2075000-7fc8c207a000 rw-p 00000000 00:00 0
    7fc8c2082000-7fc8c2085000 rw-p 00000000 00:00 0
    7fc8c2085000-7fc8c2086000 r--p 00020000 fb:00 7864336 /lib/x86
    64-linux-gnu/ld-2.13.so
    7fc8c2086000-7fc8c2088000 rw-p 00021000 fb:00 7864336 /lib/x86_64-linux-gnu/ld-2.13.so
    7fff4233d000-7fff4235e000 rw-p 00000000 00:00 0 [stack]
    7fff4236e000-7fff4236f000 r-xp 00000000 00:00 0 [vdso]
    ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]

    [NOTE]
    You may have encountered a bug in the Ruby interpreter or extension libraries.
    Bug reports are welcome.
    For details: http://www.ruby-lang.org/bugreport.html

    Aborted

Associated revisions

Revision 33333
Added by emboss over 2 years ago

  • ext/openssl/osslasn1.c: fix intosslasn1decode0_cons when being fed arbitrary string values. Clearly distinguish between the cases "universal, infinite and not a SEQUENCE or SET" and "universal SEQUENCE or SET, possibly infinite". Raise error for universal tags that are not infinite.
  • test/openssl/test_asn1.rb: add a test for this.

    Thanks to Hiroshi Yoshida for reporting this bug.
    [Bug #5363]

History

#1 Updated by Tomoyuki Chikanaga over 2 years ago

  • Category set to ext
  • Target version set to 1.9.3

ruby 1.9.4dev (2011-09-23 trunk 33318) [x8664-darwin10.8.0] および
ruby 1.9.3dev (2011-09-24 revision 33322) [x86
64-darwin10.8.0]
でも再現しました。

また 1.9.2 の HEAD で試したところ

ruby 1.9.2p312 (2011-08-11 revision 32926) [x86_64-darwin10.8.0]
OpenSSL 0.9.8n 24 Mar 2010
example.rb:24:in decode_all': too long (OpenSSL::ASN1::ASN1Error)
from example.rb:24:in
'

となり SEGV にはなりませんでした。つまり 1.9.3 からの不具合です。

また https://gist.github.com/1239801 のパッチを適用してみると(すみません勝手に引用して)

ruby 1.9.3dev (2011-09-24 revision 33322) [x86_64-darwin10.8.0]
OpenSSL 0.9.8n 24 Mar 2010
example.rb:24:in decode_all': Type mismatch. Bytes read: 73 Bytes available: 47 (OpenSSL::ASN1::ASN1Error)
from example.rb:24:in
'

と SEGV は起きなくなるのを確認しました。

#2 Updated by Yui NARUSE over 2 years ago

  • Status changed from Open to Assigned
  • Assignee set to Martin Bosslet

Chikanaga says this is a regression from 1.9.3 and https://gist.github.com/1239801 fixes this.

#3 Updated by Anonymous over 2 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r33333.
Hiroshi, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • ext/openssl/osslasn1.c: fix intosslasn1decode0_cons when being fed arbitrary string values. Clearly distinguish between the cases "universal, infinite and not a SEQUENCE or SET" and "universal SEQUENCE or SET, possibly infinite". Raise error for universal tags that are not infinite.
  • test/openssl/test_asn1.rb: add a test for this.

    Thanks to Hiroshi Yoshida for reporting this bug.
    [Bug #5363]

#4 Updated by Martin Bosslet over 2 years ago

  • Status changed from Closed to Feedback

Yui NARUSE wrote:

Chikanaga says this is a regression from 1.9.3 and https://gist.github.com/1239801 fixes this.

Yes, thanks Tomoyuki for investigating this and pointing me
in the right direction. Unfortunately this fix would have
broken another test in test_asn1.rb.
I looked at the code and tried to untangle the problem-causing
part, first to fix the problem, but also to make it a bit
better to read and maintain.

I committed this on trunk and for me, it fixes the problem that
Hiroshi Yoshida reported. I also added a test case (using
one of our self-signed certificates, of course) for this.

Could you please verify that this fix works?

If it does then it could be backported to 1.9.3. I would have
done so already, but I'm awaiting your permission first (with the
code freeze in effect).

Regards,
Martin

#5 Updated by Hiroshi Yoshida over 2 years ago

I confirmed that the expected results.


ruby example.rb

ruby 1.9.4dev (2011-09-26 trunk 33339) [x86_64-linux]
OpenSSL 1.0.0e 6 Sep 2011
example.rb:24:in decode_all': invalid non-infinite tag (OpenSSL::ASN1::ASN1Error)
from example.rb:24:in
'

Thank you.

#6 Updated by Martin Bosslet over 2 years ago

  • ruby -v changed from ruby 1.9.3dev (2011-09-23 revision 33323) [x86_64-linux] to -

2011/9/26 Hiroshi Yoshida hexa.diary@gmail.com:

Issue #5363 has been updated by Hiroshi Yoshida.

I confirmed that the expected results.

Great, thank you, Hiroshi!

I currently don't have proper internet access, I have
to abuse the burger joint next door's wifi just to type this :)

So I'm afraid I couldn't really backport this to 1.9.3 this week -
could somebody please take over for me in case this
patch is to be applied in 1.9.3?

Regards,
Martin

#7 Updated by Motohiro KOSAKI over 2 years ago

  • Status changed from Feedback to Closed

This issue was solved with changeset r33347.
Hiroshi, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


merge revision(s) 33333:

* ext/openssl/ossl_asn1.c: fix int_ossl_asn1_decode0_cons when being
  fed arbitrary string values.
  Clearly distinguish between the cases "universal, infinite and
  not a SEQUENCE or SET" and "universal SEQUENCE or SET, possibly
  infinite". Raise error for universal tags that are not infinite.

* test/openssl/test_asn1.rb: add a test for this.
  Thanks to Hiroshi Yoshida for reporting this bug.
  [Bug #5363] 

#8 Updated by Motohiro KOSAKI over 2 years ago

2011/9/27 Martin Boßlet martin.bosslet@googlemail.com:

2011/9/26 Hiroshi Yoshida hexa.diary@gmail.com:

Issue #5363 has been updated by Hiroshi Yoshida.

I confirmed that the expected results.

Great, thank you, Hiroshi!

I currently don't have proper internet access, I have
to abuse the burger joint next door's wifi just to type this :)

So I'm afraid I couldn't really backport this to 1.9.3 this week -
could somebody please take over for me in case this
patch is to be applied in 1.9.3?

Done. r33347.

#9 Updated by Martin Bosslet over 2 years ago

2011/9/27 KOSAKI Motohiro kosaki.motohiro@gmail.com:

So I'm afraid I couldn't really backport this to 1.9.3 this week -
could somebody please take over for me in case this
patch is to be applied in 1.9.3?

Done. r33347.

Super, thank you!

Also available in: Atom PDF