ruby-changes:68496
From: Nobuhiro <ko1@a...>
Date: Sat, 16 Oct 2021 19:53:27 +0900 (JST)
Subject: [ruby-changes:68496] f88401f38e (master): [ruby/openssl] fix segv in Timestamp::{Request, Response, TokenInfo}.new
https://git.ruby-lang.org/ruby.git/commit/?id=f88401f38e From f88401f38e918c0bdc4d7c6b22f25e0a7eef04bb Mon Sep 17 00:00:00 2001 From: Nobuhiro IMAI <nov@y...> Date: Tue, 29 Sep 2020 00:05:36 +0900 Subject: [ruby/openssl] fix segv in Timestamp::{Request,Response,TokenInfo}.new prevent `ossl_ts_*_free()` from calling when `d2i_TS_*_bio()` failed. https://github.com/ruby/openssl/commit/b29e215786 --- ext/openssl/ossl_ts.c | 12 +++++++++--- test/openssl/test_ts.rb | 18 ++++++++++++++++++ 2 files changed, 27 insertions(+), 3 deletions(-) diff --git a/ext/openssl/ossl_ts.c b/ext/openssl/ossl_ts.c index 5cf674caa8..b9a62fd9e4 100644 --- a/ext/openssl/ossl_ts.c +++ b/ext/openssl/ossl_ts.c @@ -211,8 +211,10 @@ ossl_ts_req_initialize(int argc, VALUE *argv, VALUE self) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ts.c#L211 in = ossl_obj2bio(&arg); ts_req = d2i_TS_REQ_bio(in, &ts_req); BIO_free(in); - if (!ts_req) + if (!ts_req) { + DATA_PTR(self) = NULL; ossl_raise(eTimestampError, "Error when decoding the timestamp request"); + } DATA_PTR(self) = ts_req; return self; @@ -535,8 +537,10 @@ ossl_ts_resp_initialize(VALUE self, VALUE der) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ts.c#L537 in = ossl_obj2bio(&der); ts_resp = d2i_TS_RESP_bio(in, &ts_resp); BIO_free(in); - if (!ts_resp) + if (!ts_resp) { + DATA_PTR(self) = NULL; ossl_raise(eTimestampError, "Error when decoding the timestamp response"); + } DATA_PTR(self) = ts_resp; return self; @@ -874,8 +878,10 @@ ossl_ts_token_info_initialize(VALUE self, VALUE der) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ts.c#L878 in = ossl_obj2bio(&der); info = d2i_TS_TST_INFO_bio(in, &info); BIO_free(in); - if (!info) + if (!info) { + DATA_PTR(self) = NULL; ossl_raise(eTimestampError, "Error when decoding the timestamp token info"); + } DATA_PTR(self) = info; return self; diff --git a/test/openssl/test_ts.rb b/test/openssl/test_ts.rb index 8e31a7d28d..7cb1a1fe8e 100644 --- a/test/openssl/test_ts.rb +++ b/test/openssl/test_ts.rb @@ -181,6 +181,12 @@ _end_of_pem_ https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ts.rb#L181 assert_equal(42, qer2.nonce) end + def test_request_invalid_asn1 + assert_raise(OpenSSL::Timestamp::TimestampError) do + OpenSSL::Timestamp::Request.new("*" * 44) + end + end + def test_response_constants assert_equal(0, OpenSSL::Timestamp::Response::GRANTED) assert_equal(1, OpenSSL::Timestamp::Response::GRANTED_WITH_MODS) @@ -338,6 +344,12 @@ _end_of_pem_ https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ts.rb#L344 end end + def test_response_invalid_asn1 + assert_raise(OpenSSL::Timestamp::TimestampError) do + OpenSSL::Timestamp::Response.new("*" * 44) + end + end + def test_no_cert_requested req = OpenSSL::Timestamp::Request.new req.algorithm = "SHA1" @@ -590,6 +602,12 @@ _end_of_pem_ https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ts.rb#L602 assert_equal(123, info.nonce) end + def test_token_info_invalid_asn1 + assert_raise(OpenSSL::Timestamp::TimestampError) do + OpenSSL::Timestamp::TokenInfo.new("*" * 44) + end + end + private def assert_cert expected, actual -- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/