ruby-changes:23129
From: naruse <ko1@a...>
Date: Fri, 30 Mar 2012 14:17:56 +0900 (JST)
Subject: [ruby-changes:23129] naruse:r35179 (ruby_1_9_3): merge revision(s) 35162,35167: [Backport #6220]
naruse 2012-03-30 14:17:45 +0900 (Fri, 30 Mar 2012) New Revision: 35179 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=35179 Log: merge revision(s) 35162,35167: [Backport #6220] * test/openssl/test_x509cert.rb: Exclude test that fails when issuing a certificate with RSA signature and DSS1 digest for earlier OpenSSL versions when used in conjunction with OpenSSL 1.0.1. Thanks, Vit Ondruch, for reporting the issue. [ruby-core:42949][Bug #6089] * ext/openssl/ossl_pkcs7.c: fix crash when parsing garbage data. * test/openssl/test_pkcs7.rb: assert correct behavior for it. Thanks to Matt Venables for reporting the issue. [ruby-core:43250][Bug #6134] * test/openssl/test_x509cert.rb: exclude test that fails when issuing Modified files: branches/ruby_1_9_3/ChangeLog branches/ruby_1_9_3/ext/openssl/ossl_pkcs7.c branches/ruby_1_9_3/test/openssl/test_pkcs7.rb branches/ruby_1_9_3/test/openssl/test_x509cert.rb branches/ruby_1_9_3/version.h Index: ruby_1_9_3/ChangeLog =================================================================== --- ruby_1_9_3/ChangeLog (revision 35178) +++ ruby_1_9_3/ChangeLog (revision 35179) @@ -1,3 +1,18 @@ +Fri Mar 30 14:17:17 2012 Martin Bosslet <Martin.Bosslet@g...> + + * ext/openssl/ossl_pkcs7.c: fix crash when parsing garbage data. + * test/openssl/test_pkcs7.rb: assert correct behavior for it. + Thanks to Matt Venables for reporting the issue. + [ruby-core:43250][Bug #6134] + +Fri Mar 30 14:17:17 2012 Martin Bosslet <Martin.Bosslet@g...> + + * test/openssl/test_x509cert.rb: exclude test that fails when issuing + a certificate with RSA signature and DSS1 digest for earlier + OpenSSL versions when used in conjunction with OpenSSL 1.0.1. + Thanks, Vit Ondruch, for reporting the issue. + [ruby-core:42949][Bug #6089] + Fri Mar 30 14:15:40 2012 Nobuyoshi Nakada <nobu@r...> * string.c (str_new_empty): should copy also the encoding as an Index: ruby_1_9_3/ext/openssl/ossl_pkcs7.c =================================================================== --- ruby_1_9_3/ext/openssl/ossl_pkcs7.c (revision 35178) +++ ruby_1_9_3/ext/openssl/ossl_pkcs7.c (revision 35179) @@ -318,14 +318,17 @@ arg = ossl_to_der_if_possible(arg); in = ossl_obj2bio(arg); p7 = PEM_read_bio_PKCS7(in, &pkcs, NULL, NULL); - DATA_PTR(self) = pkcs; if (!p7) { OSSL_BIO_reset(in); p7 = d2i_PKCS7_bio(in, &pkcs); - if (!p7) + if (!p7) { + BIO_free(in); + PKCS7_free(pkcs); + DATA_PTR(self) = NULL; ossl_raise(rb_eArgError, "Could not parse the PKCS7"); - DATA_PTR(self) = pkcs; + } } + DATA_PTR(self) = pkcs; BIO_free(in); ossl_pkcs7_set_data(self, Qnil); ossl_pkcs7_set_err_string(self, Qnil); Index: ruby_1_9_3/version.h =================================================================== --- ruby_1_9_3/version.h (revision 35178) +++ ruby_1_9_3/version.h (revision 35179) @@ -1,5 +1,5 @@ #define RUBY_VERSION "1.9.3" -#define RUBY_PATCHLEVEL 171 +#define RUBY_PATCHLEVEL 172 #define RUBY_RELEASE_DATE "2012-03-30" #define RUBY_RELEASE_YEAR 2012 Index: ruby_1_9_3/test/openssl/test_x509cert.rb =================================================================== --- ruby_1_9_3/test/openssl/test_x509cert.rb (revision 35178) +++ ruby_1_9_3/test/openssl/test_x509cert.rb (revision 35179) @@ -175,7 +175,8 @@ assert_raise(OpenSSL::X509::CertificateError) do cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::Digest::DSS1.new) - end + end if OpenSSL::OPENSSL_VERSION_NUMBER < 0x10001000 # [ruby-core:42949] + assert_raise(OpenSSL::X509::CertificateError) do cert = issue_cert(@ca, @dsa512, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::Digest::MD5.new) Index: ruby_1_9_3/test/openssl/test_pkcs7.rb =================================================================== --- ruby_1_9_3/test/openssl/test_pkcs7.rb (revision 35178) +++ ruby_1_9_3/test/openssl/test_pkcs7.rb (revision 35179) @@ -146,6 +146,11 @@ assert_equal(3, recip[1].serial) assert_equal(data, p7.decrypt(@rsa1024, @ee2_cert)) end + + def test_graceful_parsing_failure #[ruby-core:43250] + contents = File.read(__FILE__) + assert_raise(ArgumentError) { OpenSSL::PKCS7.new(contents) } + end end end -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/