Bug #9677
closedOpenSSL::PKey::EC#to_text causes a segmentation fault
Description
I have Ruby 2.1.1p76 and when I try to run a particular snippet of code using the OpenSSL extension, I get a segmentation fault. I am running Arch Linux and I have openssl 1.0.1.f-1. I built Ruby from source. This bug also affects Ruby 2.1.0.
Here is a snippet of shell output showing the Ruby command that causes the problem:
$ ruby -v -ropenssl -e "OpenSSL::PKey::EC.new('secp256k1').to_text"
ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-linux]
-e:1: [BUG] Segmentation fault at 0x00000000000000
...
I attached a text file with the full output from Ruby to this bug report.
This other OpenSSL segmentation fault issue might be related:
Files
Updated by samkottler (Sam Kottler) over 10 years ago
Thanks for the report! I'm looking into this now.
Updated by samkottler (Sam Kottler) over 10 years ago
It's worth noting that this segfault happens on not only arch, but also OSX, debian, and fedora. That makes it seem like a generic issue which is not isolated to arch.
Updated by phasis68 (Heesob Park) over 10 years ago
I found that the segmentation fault occurs when a public_key is not set.
Here is a patch.
diff --git a/ossl_pkey_ec.c b/ossl_pkey_ec.c
index 5e419bd..070bfc4 100644
--- a/ossl_pkey_ec.c
+++ b/ossl_pkey_ec.c
@@ -574,6 +574,13 @@ static VALUE ossl_ec_key_to_text(VALUE self)
VALUE str;
Require_EC_KEY(self, ec);
+
+ if (EC_KEY_get0_public_key(ec) == NULL)
+ ossl_raise(eECError, "can't export - no public key set");
+
+ if (EC_KEY_check_key(ec) != 1)
+ ossl_raise(eECError, "can't export - EC_KEY_check_key failed");
+
if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eECError, "BIO_new(BIO_s_mem())");
}
Updated by zzak (zzak _) about 9 years ago
- Assignee changed from MartinBosslet (Martin Bosslet) to 7150
Updated by rhenium (Kazuki Yamaguchi) over 8 years ago
- Status changed from Open to Third Party's Issue
This is OpenSSL RT3065, and fixed in OpenSSL 1.0.0o, 1.0.1j and 1.0.2.
https://rt.openssl.org/Ticket/Display.html?id=3065
I think this is no longer an issue so I'm closing this, but let me know if this still occurs.