[前][次][番号順一覧][スレッド一覧]

ruby-changes:39507

From: nobu <ko1@a...>
Date: Sat, 15 Aug 2015 13:36:38 +0900 (JST)
Subject: [ruby-changes:39507] nobu:r51588 (trunk): ossl_ssl.c: check SSL method name

nobu	2015-08-15 13:34:29 +0900 (Sat, 15 Aug 2015)

  New Revision: 51588

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=51588

  Log:
    ossl_ssl.c: check SSL method name
    
    * ext/openssl/ossl_ssl.c (ossl_sslctx_set_ssl_version): SSL method
      name must not contain NUL.  preserve the encoding of message.

  Modified files:
    trunk/ext/openssl/ossl_ssl.c
    trunk/test/openssl/test_ssl.rb
Index: ext/openssl/ossl_ssl.c
===================================================================
--- ext/openssl/ossl_ssl.c	(revision 51587)
+++ ext/openssl/ossl_ssl.c	(revision 51588)
@@ -180,7 +180,7 @@ ossl_sslctx_set_ssl_version(VALUE self, https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ssl.c#L180
     SSL_CTX *ctx;
     if (RB_TYPE_P(ssl_method, T_SYMBOL))
 	m = rb_sym2str(ssl_method);
-    s = StringValuePtr(m);
+    s = StringValueCStr(m);
     for (i = 0; i < numberof(ossl_ssl_method_tab); i++) {
         if (strcmp(ossl_ssl_method_tab[i].name, s) == 0) {
             method = ossl_ssl_method_tab[i].func();
@@ -188,7 +188,7 @@ ossl_sslctx_set_ssl_version(VALUE self, https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ssl.c#L188
         }
     }
     if (!method) {
-        ossl_raise(rb_eArgError, "unknown SSL method `%s'.", s);
+        ossl_raise(rb_eArgError, "unknown SSL method `%"PRIsVALUE"'.", m);
     }
     GetSSLCTX(self, ctx);
     if (SSL_CTX_set_ssl_version(ctx, method) != 1) {
Index: test/openssl/test_ssl.rb
===================================================================
--- test/openssl/test_ssl.rb	(revision 51587)
+++ test/openssl/test_ssl.rb	(revision 51588)
@@ -10,6 +10,16 @@ class OpenSSL::TestSSL < OpenSSL::SSLTes https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ssl.rb#L10
     assert_equal(ctx.setup, nil)
   end
 
+  def test_ctx_setup_invalid
+    m = OpenSSL::SSL::SSLContext::METHODS.first
+    assert_raise_with_message(ArgumentError, /null/) {
+      OpenSSL::SSL::SSLContext.new("#{m}\0")
+    }
+    assert_raise_with_message(ArgumentError, /\u{ff33 ff33 ff2c}/) {
+      OpenSSL::SSL::SSLContext.new("\u{ff33 ff33 ff2c}")
+    }
+  end
+
   def test_options_defaults_to_OP_ALL
     ctx = OpenSSL::SSL::SSLContext.new
     assert_equal OpenSSL::SSL::OP_ALL, ctx.options

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]