kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

* ext/openssl/ossl_pkcs7.c: fix crash when parsing garbage data.

Browse source 
* test/openssl/test_pkcs7.rb: assert correct behavior for it.
  Thanks to Matt Venables for reporting the issue.
  [ruby-core:43250][Bug #6134]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35167 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
emboss 2012-03-29 01:27:17 +00:00
parent 8e601a20f4
commit aad347f5ec
3 changed files with 19 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
ChangeLog
View file

@ -1,3 +1,10 @@
Thu Mar 29 10:20:18 2012 Martin Bosslet <Martin.Bosslet@googlemail.com>
* ext/openssl/ossl_pkcs7.c: fix crash when parsing garbage data.
* test/openssl/test_pkcs7.rb: assert correct behavior for it.
Thanks to Matt Venables for reporting the issue.
[ruby-core:43250][Bug #6134]
Thu Mar 29 10:16:05 2012 NAKAMURA Usaku <usa@ruby-lang.org>
* thread_win32.c (TIME_QUANTUM_USEC): 10ms(= old setting) [experimental]
@ -13,7 +20,7 @@ Thu Mar 29 10:12:12 2012 NAKAMURA Usaku <usa@ruby-lang.org>
Thu Mar 29 09:26:17 2012 Martin Bosslet <Martin.Bosslet@googlemail.com>
* test/openssl/test_x509cert.rb: Exclude test that fails when issuing
* test/openssl/test_x509cert.rb: exclude test that fails when issuing
a certificate with RSA signature and DSS1 digest for earlier
OpenSSL versions when used in conjunction with OpenSSL 1.0.1.
Thanks, Vit Ondruch, for reporting the issue.

9
ext/openssl/ossl_pkcs7.c
View file

@ -318,14 +318,17 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
arg = ossl_to_der_if_possible(arg);
in = ossl_obj2bio(arg);
p7 = PEM_read_bio_PKCS7(in, &pkcs, NULL, NULL);
DATA_PTR(self) = pkcs;
if (!p7) {
OSSL_BIO_reset(in);
p7 = d2i_PKCS7_bio(in, &pkcs);
if (!p7)
if (!p7) {
BIO_free(in);
PKCS7_free(pkcs);
DATA_PTR(self) = NULL;
ossl_raise(rb_eArgError, "Could not parse the PKCS7");
DATA_PTR(self) = pkcs;
}
}
DATA_PTR(self) = pkcs;
BIO_free(in);
ossl_pkcs7_set_data(self, Qnil);
ossl_pkcs7_set_err_string(self, Qnil);

5
test/openssl/test_pkcs7.rb
View file

@ -146,6 +146,11 @@ class OpenSSL::TestPKCS7 < Test::Unit::TestCase
assert_equal(3, recip[1].serial)
assert_equal(data, p7.decrypt(@rsa1024, @ee2_cert))
end
def test_graceful_parsing_failure #[ruby-core:43250]
contents = File.read(__FILE__)
assert_raise(ArgumentError) { OpenSSL::PKCS7.new(contents) }
end
end
end