
ruby-changes:43831

From: nagachika <ko1@a...>
Date: Tue, 16 Aug 2016 03:49:37 +0900 (JST)
Subject: [ruby-changes:43831] nagachika:r55904 (ruby_2_3): merge revision(s) 55175: [Backport #12428]

nagachika	2016-08-16 03:49:32 +0900 (Tue, 16 Aug 2016)

  New Revision: 55904

  https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=55904

  Log:
    merge revision(s) 55175: [Backport #12428]
    
    * ext/openssl/ossl_pkey_dh.c (ossl_dh_compute_key): Check that the DH
      has 'p' (the prime) before calling DH_size(). We can create a DH with
      no parameter but DH_size() does not check and dereferences NULL.
      [ruby-core:75720] [Bug #12428]
    
    * ext/openssl/ossl_pkey_dsa.c (ossl_dsa_sign): Ditto. DSA_size() does
      not check dsa->q.
    
    * ext/openssl/ossl_pkey_rsa.c (ossl_rsa_public_encrypt,
      ossl_rsa_public_decrypt, ossl_rsa_private_encrypt,
      ossl_rsa_private_decrypt): Ditto. RSA_size() does not check rsa->n.

  Modified directories:
    branches/ruby_2_3/
  Modified files:
    branches/ruby_2_3/ChangeLog
    branches/ruby_2_3/ext/openssl/ossl_pkey_dh.c
    branches/ruby_2_3/ext/openssl/ossl_pkey_dsa.c
    branches/ruby_2_3/ext/openssl/ossl_pkey_rsa.c
    branches/ruby_2_3/version.h
Index: ruby_2_3/ChangeLog
===================================================================
--- ruby_2_3/ChangeLog	(revision 55903)
+++ ruby_2_3/ChangeLog	(revision 55904)
@@ -1,3 +1,17 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ChangeLog#L1
+Tue Aug 16 03:41:21 2016  Kazuki Yamaguchi  <k@r...>
+
+	* ext/openssl/ossl_pkey_dh.c (ossl_dh_compute_key): Check that the DH
+	  has 'p' (the prime) before calling DH_size(). We can create a DH with
+	  no parameter but DH_size() does not check and dereferences NULL.
+	  [ruby-core:75720] [Bug #12428]
+
+	* ext/openssl/ossl_pkey_dsa.c (ossl_dsa_sign): Ditto. DSA_size() does
+	  not check dsa->q.
+
+	* ext/openssl/ossl_pkey_rsa.c (ossl_rsa_public_encrypt,
+	  ossl_rsa_public_decrypt, ossl_rsa_private_encrypt,
+	  ossl_rsa_private_decrypt): Ditto. RSA_size() does not check rsa->n.
+
 Tue Aug 16 03:10:42 2016  Nobuyoshi Nakada  <nobu@r...>
 
 	* transcode.c (enc_arg, str_transcode_enc_args, econv_args):
Index: ruby_2_3/version.h
===================================================================
--- ruby_2_3/version.h	(revision 55903)
+++ ruby_2_3/version.h	(revision 55904)
@@ -1,6 +1,6 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_3/version.h#L1
 #define RUBY_VERSION "2.3.2"
 #define RUBY_RELEASE_DATE "2016-08-16"
-#define RUBY_PATCHLEVEL 154
+#define RUBY_PATCHLEVEL 155
 
 #define RUBY_RELEASE_YEAR 2016
 #define RUBY_RELEASE_MONTH 8
Index: ruby_2_3/ext/openssl/ossl_pkey_dsa.c
===================================================================
--- ruby_2_3/ext/openssl/ossl_pkey_dsa.c	(revision 55903)
+++ ruby_2_3/ext/openssl/ossl_pkey_dsa.c	(revision 55904)
@@ -498,10 +498,11 @@ ossl_dsa_sign(VALUE self, VALUE data) https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkey_dsa.c#L498
     VALUE str;
 
     GetPKeyDSA(self, pkey);
-    StringValue(data);
-    if (!DSA_PRIVATE(self, pkey->pkey.dsa)) {
+    if (!pkey->pkey.dsa->q)
+	ossl_raise(eDSAError, "incomplete DSA");
+    if (!DSA_PRIVATE(self, pkey->pkey.dsa))
 	ossl_raise(eDSAError, "Private DSA key needed!");
-    }
+    StringValue(data);
     str = rb_str_new(0, ossl_dsa_buf_size(pkey));
     if (!DSA_sign(0, (unsigned char *)RSTRING_PTR(data), RSTRING_LENINT(data),
 		  (unsigned char *)RSTRING_PTR(str),
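Review bot: The new `q` guard in ossl_dsa_sign has no comment, so nothing at the call site says it exists because the DSA_size() call behind `ossl_dsa_buf_size(pkey)` dereferences `dsa->q` without a NULL check. I would add `/* DSA_size() dereferences dsa->q unchecked; reject parameterless keys first */` above the `if`. Because the crash is in the size computation rather than in signing itself, any other user of `ossl_dsa_buf_size` outside this hunk would need the same guard; that is not visible here and is worth confirming. The function body continues past the end of the hunk.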
Index: ruby_2_3/ext/openssl/ossl_pkey_rsa.c
===================================================================
--- ruby_2_3/ext/openssl/ossl_pkey_rsa.c	(revision 55903)
+++ ruby_2_3/ext/openssl/ossl_pkey_rsa.c	(revision 55904)
@@ -391,6 +391,8 @@ ossl_rsa_public_encrypt(int argc, VALUE https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkey_rsa.c#L391
     VALUE str, buffer, padding;
 
     GetPKeyRSA(self, pkey);
+    if (!pkey->pkey.rsa->n)
+	ossl_raise(eRSAError, "incomplete RSA");
     rb_scan_args(argc, argv, "11", &buffer, &padding);
     pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
     StringValue(buffer);
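Review bot: The guard added in ossl_rsa_public_encrypt tests only `rsa->n`, which covers RSA_size() but not the other key components the encrypt call after this hunk relies on, such as the public exponent `e` here and in ossl_rsa_public_decrypt. Whether OpenSSL rejects a key with `n` set and `e` absent is not shown on this page, so either confirm that or widen the check for the two public operations to `if (!pkey->pkey.rsa->n || !pkey->pkey.rsa->e)`. The same two-line guard is repeated verbatim in ossl_rsa_public_decrypt, ossl_rsa_private_encrypt and ossl_rsa_private_decrypt; a small static helper would keep the four copies from drifting. Each of these function bodies runs beyond its hunk.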
@@ -420,6 +422,8 @@ ossl_rsa_public_decrypt(int argc, VALUE https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkey_rsa.c#L422
     VALUE str, buffer, padding;
 
     GetPKeyRSA(self, pkey);
+    if (!pkey->pkey.rsa->n)
+	ossl_raise(eRSAError, "incomplete RSA");
     rb_scan_args(argc, argv, "11", &buffer, &padding);
     pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
     StringValue(buffer);
@@ -449,9 +453,10 @@ ossl_rsa_private_encrypt(int argc, VALUE https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkey_rsa.c#L453
     VALUE str, buffer, padding;
 
     GetPKeyRSA(self, pkey);
-    if (!RSA_PRIVATE(self, pkey->pkey.rsa)) {
-	ossl_raise(eRSAError, "private key needed.");
-    }
+    if (!pkey->pkey.rsa->n)
+	ossl_raise(eRSAError, "incomplete RSA");
+    if (!RSA_PRIVATE(self, pkey->pkey.rsa))
+	ossl_raise(eRSAError, "private key needed");
     rb_scan_args(argc, argv, "11", &buffer, &padding);
     pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
     StringValue(buffer);
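Review bot: The message passed to ossl_raise in ossl_rsa_private_encrypt changes from `"private key needed."` to `"private key needed"`, and ossl_rsa_private_decrypt gets the same edit. On a stable branch this is a user-visible string change riding along with a crash fix, so code or tests that match the exception text would see a difference. If the aim is consistency, note that the DSA counterpart in this same commit still reads `"Private DSA key needed!"`, so the wording is not unified either way.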
@@ -481,9 +486,10 @@ ossl_rsa_private_decrypt(int argc, VALUE https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkey_rsa.c#L486
     VALUE str, buffer, padding;
 
     GetPKeyRSA(self, pkey);
-    if (!RSA_PRIVATE(self, pkey->pkey.rsa)) {
-	ossl_raise(eRSAError, "private key needed.");
-    }
+    if (!pkey->pkey.rsa->n)
+	ossl_raise(eRSAError, "incomplete RSA");
+    if (!RSA_PRIVATE(self, pkey->pkey.rsa))
+	ossl_raise(eRSAError, "private key needed");
     rb_scan_args(argc, argv, "11", &buffer, &padding);
     pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
     StringValue(buffer);
Index: ruby_2_3/ext/openssl/ossl_pkey_dh.c
===================================================================
--- ruby_2_3/ext/openssl/ossl_pkey_dh.c	(revision 55903)
+++ ruby_2_3/ext/openssl/ossl_pkey_dh.c	(revision 55904)
@@ -506,6 +506,8 @@ ossl_dh_compute_key(VALUE self, VALUE pu https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkey_dh.c#L506
 
     GetPKeyDH(self, pkey);
     dh = pkey->pkey.dh;
+    if (!dh->p)
+	ossl_raise(eDHError, "incomplete DH");
     pub_key = GetBNPtr(pub);
     len = DH_size(dh);
     str = rb_str_new(0, len);
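Review bot: No regression test accompanies the `dh->p` guard in ossl_dh_compute_key; the modified-files list has only ChangeLog, version.h and the three ext/openssl sources. A test that asserts a parameterless DH object raises the DH error from compute_key, with matching cases for the DSA and RSA guards, would keep the NULL dereference from returning unnoticed. A one-line comment such as `/* DH_size() dereferences dh->p unchecked */` above the check would also record why it is there. The function starts before and continues after this hunk.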

Property changes on: ruby_2_3
___________________________________________________________________
Modified: svn:mergeinfo
   Merged /trunk:r55175


