1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

[ruby/openssl] ssl: create a temporary frozen string buffer when writing

Since a blocking SSLSocket#syswrite call allows context switches while
waiting for the underlying socket to be ready, we must freeze the string
buffer to prevent other threads from modifying it.

Reference: https://github.com/ruby/openssl/issues/452

https://github.com/ruby/openssl/commit/aea874bc6e
This commit is contained in:
Kazuki Yamaguchi 2021-08-30 16:09:04 +09:00
parent ed7ea35d74
commit 5828807626

View file

@ -1912,21 +1912,21 @@ ossl_ssl_write_internal(VALUE self, VALUE str, VALUE opts)
int nwrite = 0;
rb_io_t *fptr;
int nonblock = opts != Qfalse;
VALUE io;
VALUE tmp, io;
StringValue(str);
tmp = rb_str_new_frozen(StringValue(str));
GetSSL(self, ssl);
io = rb_attr_get(self, id_i_io);
GetOpenFile(io, fptr);
if (ssl_started(ssl)) {
for (;;){
int num = RSTRING_LENINT(str);
for (;;) {
int num = RSTRING_LENINT(tmp);
/* SSL_write(3ssl) manpage states num == 0 is undefined */
if (num == 0)
goto end;
nwrite = SSL_write(ssl, RSTRING_PTR(str), num);
nwrite = SSL_write(ssl, RSTRING_PTR(tmp), num);
switch(ssl_get_error(ssl, nwrite)){
case SSL_ERROR_NONE:
goto end;