ruby-changes:19657
From: emboss <ko1@a...>
Date: Mon, 23 May 2011 07:13:05 +0900 (JST)
Subject: [ruby-changes:19657] emboss:r31702 (trunk): * ext/openssl/ossl_asn1.c: Forbid Constructives whose value is not an
emboss 2011-05-23 07:00:24 +0900 (Mon, 23 May 2011) New Revision: 31702 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=31702 Log: * ext/openssl/ossl_asn1.c: Forbid Constructives whose value is not an Array to prevent segfault. Added test. Modified files: trunk/ChangeLog trunk/ext/openssl/ossl_asn1.c trunk/test/openssl/test_asn1.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 31701) +++ ChangeLog (revision 31702) @@ -1,3 +1,8 @@ +Mon May 23 06:58:33 2011 Martin Bosslet <Martin.Bosslet@g...> + + * ext/openssl/ossl_asn1.c: Forbid Constructives whose value is not an + Array to prevent segfault. Added test. + Mon May 23 06:33:17 2011 Martin Bosslet <Martin.Bosslet@g...> * ext/openssl/ossl_asn1.c: Forbid Constructive without infinite Index: ext/openssl/ossl_asn1.c =================================================================== --- ext/openssl/ossl_asn1.c (revision 31701) +++ ext/openssl/ossl_asn1.c (revision 31702) @@ -1225,19 +1225,22 @@ int found_prim = 0, seq_len; long length; unsigned char *p; - VALUE value, str, inf_length, ary, example; + VALUE value, str, inf_length; tn = NUM2INT(ossl_asn1_get_tag(self)); tc = ossl_asn1_tag_class(self); inf_length = ossl_asn1_get_infinite_length(self); if (inf_length == Qtrue) { + VALUE ary, example; constructed = 2; if (CLASS_OF(self) == cASN1Sequence || CLASS_OF(self) == cASN1Set) { tag = ossl_asn1_default_tag(self); } - else { /*BIT_STRING OR OCTET_STRING*/ + else { /* must be a constructive encoding of a primitive value */ ary = ossl_asn1_get_value(self); + if (!rb_obj_is_kind_of(ary, rb_cArray)) + ossl_raise(eASN1Error, "Constructive value must be an Array"); /* Recursively descend until a primitive value is found. The overall value of the entire constructed encoding is of the type of the first primitive encoding to be Index: test/openssl/test_asn1.rb =================================================================== --- test/openssl/test_asn1.rb (revision 31701) +++ test/openssl/test_asn1.rb (revision 31702) @@ -254,6 +254,18 @@ end end + def test_cons_without_array_forbidden + assert_raise(OpenSSL::ASN1::ASN1Error) do + val = OpenSSL::ASN1::OctetString.new('a') + cons = OpenSSL::ASN1::Constructive.new(val, + OpenSSL::ASN1::OCTET_STRING, + nil, + :UNIVERSAL) + cons.infinite_length = true + cons.to_der + end + end + def test_seq_infinite_length begin content = [ OpenSSL::ASN1::Null.new(nil), -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/