diff options
| author | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-05-04 17:44:00 +0000 |
|---|---|---|
| committer | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-05-04 17:44:00 +0000 |
| commit | 01cf2127bd3b3ec3be64a10991d6b3287d60a162 (patch) | |
| tree | 346e3602a94178a2bc230bced25379c8ca0e54af | |
| parent | acd893d1755cc87542f36131f40c9c3f0aa5bc04 (diff) | |
merge revision(s) r45595: [Backport #9743] [Backport #9745]
* ext/openssl/ossl_pkey.c (ossl_pkey_verify): as EVP_VerifyFinal()
finalizes only a copy of the digest context, the context must be
cleaned up after initialization by EVP_MD_CTX_cleanup() or a
memory leak will occur. [ruby-core:62038] [Bug #9743]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@45821 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | ext/openssl/ossl_pkey.c | 7 | ||||
| -rw-r--r-- | test/openssl/test_pkey_rsa.rb | 30 | ||||
| -rw-r--r-- | version.h | 2 |
4 files changed, 43 insertions, 3 deletions
@@ -1,3 +1,10 @@ +Mon May 5 02:35:20 2014 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * ext/openssl/ossl_pkey.c (ossl_pkey_verify): as EVP_VerifyFinal() + finalizes only a copy of the digest context, the context must be + cleaned up after initialization by EVP_MD_CTX_cleanup() or a + memory leak will occur. [ruby-core:62038] [Bug #9743] + Mon May 5 02:21:48 2014 Nobuyoshi Nakada <nobu@ruby-lang.org> * ext/dl/cptr.c (dlptr_free), ext/dl/handle.c (dlhandle_free), diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c index 0004d9d9b5..878b221270 100644 --- a/ext/openssl/ossl_pkey.c +++ b/ext/openssl/ossl_pkey.c @@ -318,13 +318,16 @@ ossl_pkey_verify(VALUE self, VALUE digest, VALUE sig, VALUE data) { EVP_PKEY *pkey; EVP_MD_CTX ctx; + int result; GetPKey(self, pkey); - EVP_VerifyInit(&ctx, GetDigestPtr(digest)); StringValue(sig); StringValue(data); + EVP_VerifyInit(&ctx, GetDigestPtr(digest)); EVP_VerifyUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data)); - switch (EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey)) { + result = EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey); + EVP_MD_CTX_cleanup(&ctx); + switch (result) { case 0: return Qfalse; case 1: diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb index 1881525c02..ce9bd60c2f 100644 --- a/test/openssl/test_pkey_rsa.rb +++ b/test/openssl/test_pkey_rsa.rb @@ -75,6 +75,36 @@ class OpenSSL::TestPKeyRSA < Test::Unit::TestCase assert(key.verify(digest, sig, data)) end + def test_sign_verify_memory_leak + bug9743 = '[ruby-core:62038] [Bug #9743]' + assert_no_memory_leak(%w[-ropenssl], <<-PREP, <<-CODE, bug9743, rss: true) + data = 'Sign me!' + digest = OpenSSL::Digest::SHA512.new + pkey = OpenSSL::PKey::RSA.new(2048) + signature = pkey.sign(digest, data) + pub_key = pkey.public_key + PREP + 20_000.times { + pub_key.verify(digest, signature, data) + } + CODE + + assert_no_memory_leak(%w[-ropenssl], <<-PREP, <<-CODE, bug9743, rss: true) + data = 'Sign me!' + digest = OpenSSL::Digest::SHA512.new + pkey = OpenSSL::PKey::RSA.new(2048) + signature = pkey.sign(digest, data) + pub_key = pkey.public_key + PREP + 20_000.times { + begin + pub_key.verify(digest, signature, 1) + rescue TypeError + end + } + CODE + end + def test_digest_state_irrelevant_sign key = OpenSSL::TestUtils::TEST_KEY_RSA1024 digest1 = OpenSSL::Digest::SHA1.new @@ -1,6 +1,6 @@ #define RUBY_VERSION "2.1.2" #define RUBY_RELEASE_DATE "2014-05-05" -#define RUBY_PATCHLEVEL 91 +#define RUBY_PATCHLEVEL 92 #define RUBY_RELEASE_YEAR 2014 #define RUBY_RELEASE_MONTH 5 |