https://git.ruby-lang.org/ruby.git/commit/?id=4fb2845c7b

From 4fb2845c7b71d94f01a224020e4eb91c99f99d66 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@r...>
Date: Fri, 2 Sep 2022 18:14:57 +0900
Subject: [ruby/openssl] pkey: clear error queue before each
 OSSL_DECODER_from_bio() call

Fix potential error queue leak.

https://github.com/ruby/openssl/commit/3992b6f208
---
 ext/openssl/ossl_pkey.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index 0dafa6dc71..0effb3e96a 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -99,17 +99,20 @@ ossl_pkey_read_generic(BIO *bio, VALUE pass) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey.c#L99
     /* First check DER */
     if (OSSL_DECODER_from_bio(dctx, bio) == 1)
         goto out;
+    OSSL_BIO_reset(bio);
 
     /* Then check PEM; multiple OSSL_DECODER_from_bio() calls may be needed */
-    OSSL_BIO_reset(bio);
     if (OSSL_DECODER_CTX_set_input_type(dctx, "PEM") != 1)
         goto out;
-    while (OSSL_DECODER_from_bio(dctx, bio) != 1) {
-        if (BIO_eof(bio))
+    while (1) {
+        if (OSSL_DECODER_from_bio(dctx, bio) == 1)
             goto out;
+        if (BIO_eof(bio))
+            break;
         pos2 = BIO_tell(bio);
         if (pos2 < 0 || pos2 <= pos)
-            goto out;
+            break;
+        ossl_clear_error();
         pos = pos2;
     }
 
-- 
cgit v1.2.3


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/