[ruby/openssl] Check if the option is an Hash in pkey_ctx_apply_options0()

causes SEGV if it is an Array or something like that. https://github.com/ruby/openssl/commit/ef23525210
2022-11-09 12:17:21 -05:00 · 2022-08-05 18:42:06 +09:00 · 2022-08-05 18:42:06 +09:00 · a98096349e
commit a98096349e
parent c865e8d161
2 changed files with 6 additions and 0 deletions
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@ -200,6 +200,7 @@ static VALUE
 pkey_ctx_apply_options0(VALUE args_v)
 {
    VALUE *args = (VALUE *)args_v;
+    Check_Type(args[1], T_HASH);

    rb_block_call(args[1], rb_intern("each"), 0, NULL,
                  pkey_ctx_apply_options_i, args[0]);
--- a/test/openssl/test_pkey_rsa.rb
+++ b/test/openssl/test_pkey_rsa.rb
@ -108,6 +108,11 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
                                      salt_length: 20, mgf1_hash: "SHA1")
    # Defaults to PKCS #1 v1.5 padding => verification failure
    assert_equal false, key.verify("SHA256", sig_pss, data)
+
+    # option type check
+    assert_raise_with_message(TypeError, /expected Hash/) {
+      key.sign("SHA256", data, ["x"])
+    }
  end

  def test_sign_verify_raw