Fix segfault with old OpenSSL
|ruby -v:||r45270||Backport:||1.9.3: DONE, 2.0.0: DONE, 2.1: DONE|
r44572 以降、古いOpenSSL(0.9.8kで確認)で、SSL connectionに失敗したときにSEGVすることがあります。
$ ruby -rnet/https -e 'Net::HTTP.get(URI("https://brandymelvilleusa.com"))' /app/vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:918: [BUG] Segmentation fault ruby 2.0.0p451 (2014-02-24 revision 45167) [x86_64-linux]
ossl.c: NULL check
- ext/openssl/ossl.c (ossl_make_error): check NULL for unknown error reasons with old OpenSSL, and insert a colon iff formatted message is not empty.
#3 Updated by Tomoyuki Chikanaga over 1 year ago
- Status changed from Open to Closed
- % Done changed from 0 to 100
#7 Updated by Nathan Youngman over 1 year ago
We saw this error in production with Ruby 2.1.1p76 on Heroku, but I don't know how to reproduce it. Is a backport to 2.1.1 planned? Or including the fix in 2.1.2?
Apr 22 08:03:01 app/worker.1: /app/vendor/ruby-2.1.1/lib/ruby/2.1.0/net/http.rb:920: [BUG] Segmentation fault at 0x00000000000000 Apr 22 08:03:01 app/worker.1: ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-linux]
#9 Updated by Nathan Youngman over 1 year ago
Nobuyoshi Nakada wrote:
I suspect it occurs only with very old version OpenSSL, I can't reproduce it on other platforms at least.
Yes, Heroku is running OpenSSL 0.9.8k 25 Mar 2009 on their Cedar stack.
(heroku run openssl version)
It is planned to backport to 2.1, and the next 2.1 will be 2.1.2.
Thanks. Looking forward to 2.1.2.