ruby-changes:32487
From: nagachika <ko1@a...>
Date: Sun, 12 Jan 2014 16:05:54 +0900 (JST)
Subject: [ruby-changes:32487] nagachika:r44566 (ruby_2_0_0): merge revision(s) 43676: [Backport #8439]
nagachika 2014-01-12 16:05:47 +0900 (Sun, 12 Jan 2014) New Revision: 44566 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=44566 Log: merge revision(s) 43676: [Backport #8439] * test/openssl/test_cipher.rb (test_aes_gcm_wrong_tag): Don't use String#succ because it can make modified (wrong) auth_tag longer than 16 bytes. The longer auth_tag makes that EVP_CIPHER_CTX_ctrl (and internally aes_gcm_ctrl) fail. [ruby-core:55143] [Bug #8439] reported by Vit Ondruch. Modified directories: branches/ruby_2_0_0/ Modified files: branches/ruby_2_0_0/ChangeLog branches/ruby_2_0_0/test/openssl/test_cipher.rb branches/ruby_2_0_0/version.h Index: ruby_2_0_0/ChangeLog =================================================================== --- ruby_2_0_0/ChangeLog (revision 44565) +++ ruby_2_0_0/ChangeLog (revision 44566) @@ -1,3 +1,11 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_0_0/ChangeLog#L1 +Sun Jan 12 16:01:54 2014 Tanaka Akira <akr@f...> + + * test/openssl/test_cipher.rb (test_aes_gcm_wrong_tag): Don't use + String#succ because it can make modified (wrong) auth_tag longer + than 16 bytes. The longer auth_tag makes that + EVP_CIPHER_CTX_ctrl (and internally aes_gcm_ctrl) fail. + [ruby-core:55143] [Bug #8439] reported by Vit Ondruch. + Sun Jan 12 15:33:11 2014 Nobuyoshi Nakada <nobu@r...> * util.c (ruby_qsort): fix potential stack overflow on a large Index: ruby_2_0_0/version.h =================================================================== --- ruby_2_0_0/version.h (revision 44565) +++ ruby_2_0_0/version.h (revision 44566) @@ -1,6 +1,6 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_0_0/version.h#L1 #define RUBY_VERSION "2.0.0" #define RUBY_RELEASE_DATE "2014-01-12" -#define RUBY_PATCHLEVEL 380 +#define RUBY_PATCHLEVEL 381 #define RUBY_RELEASE_YEAR 2014 #define RUBY_RELEASE_MONTH 1 Index: ruby_2_0_0/test/openssl/test_cipher.rb =================================================================== --- ruby_2_0_0/test/openssl/test_cipher.rb (revision 44565) +++ ruby_2_0_0/test/openssl/test_cipher.rb (revision 44566) @@ -187,7 +187,8 @@ class OpenSSL::TestCipher < Test::Unit:: https://github.com/ruby/ruby/blob/trunk/ruby_2_0_0/test/openssl/test_cipher.rb#L187 tag = cipher.auth_tag decipher = new_decryptor('aes-128-gcm', key, iv) - decipher.auth_tag = tag[0..-2] << tag[-1].succ + tag.setbyte(-1, (tag.getbyte(-1) + 1) & 0xff) + decipher.auth_tag = tag decipher.auth_data = "aad" assert_raise OpenSSL::Cipher::CipherError do Property changes on: ruby_2_0_0 ___________________________________________________________________ Modified: svn:mergeinfo Merged /trunk:r43676 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/