ruby-changes:33787
From: usa <ko1@a...>
Date: Thu, 8 May 2014 01:59:26 +0900 (JST)
Subject: [ruby-changes:33787] usa:r45868 (ruby_2_0_0): merge revision(s) 45595: [Backport #9743]
usa 2014-05-08 01:59:18 +0900 (Thu, 08 May 2014) New Revision: 45868 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=45868 Log: merge revision(s) 45595: [Backport #9743] * ext/openssl/ossl_pkey.c (ossl_pkey_verify): as EVP_VerifyFinal() finalizes only a copy of the digest context, the context must be cleaned up after initialization by EVP_MD_CTX_cleanup() or a memory leak will occur. [ruby-core:62038] [Bug #9743] Modified directories: branches/ruby_2_0_0/ Modified files: branches/ruby_2_0_0/ChangeLog branches/ruby_2_0_0/ext/openssl/ossl_pkey.c branches/ruby_2_0_0/test/openssl/test_pkey_rsa.rb branches/ruby_2_0_0/test/ruby/envutil.rb branches/ruby_2_0_0/version.h Index: ruby_2_0_0/ChangeLog =================================================================== --- ruby_2_0_0/ChangeLog (revision 45867) +++ ruby_2_0_0/ChangeLog (revision 45868) @@ -1,3 +1,10 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_0_0/ChangeLog#L1 +Thu May 8 01:51:19 2014 Nobuyoshi Nakada <nobu@r...> + + * ext/openssl/ossl_pkey.c (ossl_pkey_verify): as EVP_VerifyFinal() + finalizes only a copy of the digest context, the context must be + cleaned up after initialization by EVP_MD_CTX_cleanup() or a + memory leak will occur. [ruby-core:62038] [Bug #9743] + Wed Apr 30 16:39:43 2014 Nobuyoshi Nakada <nobu@r...> * ext/readline/extconf.rb (rl_hook_func_t): check pointer type. Index: ruby_2_0_0/ext/openssl/ossl_pkey.c =================================================================== --- ruby_2_0_0/ext/openssl/ossl_pkey.c (revision 45867) +++ ruby_2_0_0/ext/openssl/ossl_pkey.c (revision 45868) @@ -318,13 +318,16 @@ ossl_pkey_verify(VALUE self, VALUE diges https://github.com/ruby/ruby/blob/trunk/ruby_2_0_0/ext/openssl/ossl_pkey.c#L318 { EVP_PKEY *pkey; EVP_MD_CTX ctx; + int result; GetPKey(self, pkey); - EVP_VerifyInit(&ctx, GetDigestPtr(digest)); StringValue(sig); StringValue(data); + EVP_VerifyInit(&ctx, GetDigestPtr(digest)); EVP_VerifyUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data)); - switch (EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey)) { + result = EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey); + EVP_MD_CTX_cleanup(&ctx); + switch (result) { case 0: return Qfalse; case 1: Index: ruby_2_0_0/version.h =================================================================== --- ruby_2_0_0/version.h (revision 45867) +++ ruby_2_0_0/version.h (revision 45868) @@ -1,10 +1,10 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_0_0/version.h#L1 #define RUBY_VERSION "2.0.0" -#define RUBY_RELEASE_DATE "2014-04-30" -#define RUBY_PATCHLEVEL 477 +#define RUBY_RELEASE_DATE "2014-05-08" +#define RUBY_PATCHLEVEL 478 #define RUBY_RELEASE_YEAR 2014 -#define RUBY_RELEASE_MONTH 4 -#define RUBY_RELEASE_DAY 30 +#define RUBY_RELEASE_MONTH 5 +#define RUBY_RELEASE_DAY 8 #include "ruby/version.h" Index: ruby_2_0_0/test/ruby/envutil.rb =================================================================== --- ruby_2_0_0/test/ruby/envutil.rb (revision 45867) +++ ruby_2_0_0/test/ruby/envutil.rb (revision 45868) @@ -340,7 +340,7 @@ eom https://github.com/ruby/ruby/blob/trunk/ruby_2_0_0/test/ruby/envutil.rb#L340 assert_warning(*args) {$VERBOSE = false; yield} end - def assert_no_memory_leak(args, prepare, code, message=nil, limit: 2.0) + def assert_no_memory_leak(args, prepare, code, message=nil, limit: 2.0, rss: false) require_relative 'memory_status' token = "\e[7;1m#{$$.to_s}:#{Time.now.strftime('%s.%L')}:#{rand(0x10000).to_s(16)}:\e[m" token_dump = token.dump @@ -363,7 +363,7 @@ eom https://github.com/ruby/ruby/blob/trunk/ruby_2_0_0/test/ruby/envutil.rb#L363 before = err.sub!(/^#{token_re}START=(\{.*\})\n/, '') && Memory::Status.parse($1) after = err.sub!(/^#{token_re}FINAL=(\{.*\})\n/, '') && Memory::Status.parse($1) assert_equal([true, ""], [status.success?, err], message) - ([:size, :rss] & after.members).each do |n| + ([:size, (rss && :rss)] & after.members).each do |n| b = before[n] a = after[n] next unless a > 0 and b > 0 Index: ruby_2_0_0/test/openssl/test_pkey_rsa.rb =================================================================== --- ruby_2_0_0/test/openssl/test_pkey_rsa.rb (revision 45867) +++ ruby_2_0_0/test/openssl/test_pkey_rsa.rb (revision 45868) @@ -75,6 +75,36 @@ class OpenSSL::TestPKeyRSA < Test::Unit: https://github.com/ruby/ruby/blob/trunk/ruby_2_0_0/test/openssl/test_pkey_rsa.rb#L75 assert(key.verify(digest, sig, data)) end + def test_sign_verify_memory_leak + bug9743 = '[ruby-core:62038] [Bug #9743]' + assert_no_memory_leak(%w[-ropenssl], <<-PREP, <<-CODE, bug9743, rss: true) + data = 'Sign me!' + digest = OpenSSL::Digest::SHA512.new + pkey = OpenSSL::PKey::RSA.new(2048) + signature = pkey.sign(digest, data) + pub_key = pkey.public_key + PREP + 20_000.times { + pub_key.verify(digest, signature, data) + } + CODE + + assert_no_memory_leak(%w[-ropenssl], <<-PREP, <<-CODE, bug9743, rss: true) + data = 'Sign me!' + digest = OpenSSL::Digest::SHA512.new + pkey = OpenSSL::PKey::RSA.new(2048) + signature = pkey.sign(digest, data) + pub_key = pkey.public_key + PREP + 20_000.times { + begin + pub_key.verify(digest, signature, 1) + rescue TypeError + end + } + CODE + end + def test_digest_state_irrelevant_sign key = OpenSSL::TestUtils::TEST_KEY_RSA1024 digest1 = OpenSSL::Digest::SHA1.new Property changes on: ruby_2_0_0 ___________________________________________________________________ Modified: svn:mergeinfo Merged /trunk:r45595 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/