diff options
| author | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-03-30 05:17:45 +0000 |
|---|---|---|
| committer | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-03-30 05:17:45 +0000 |
| commit | 7d8e27a6a4603975936f96794fb6737a27564d78 (patch) | |
| tree | 157086db3efaf0343f8c3a2d40dda25688b51b29 | |
| parent | 3e89498bea13a6fedd0b485ea93387b935b795a8 (diff) | |
merge revision(s) 35162,35167: [Backport #6220]
* test/openssl/test_x509cert.rb: Exclude test that fails when issuing
a certificate with RSA signature and DSS1 digest for earlier
OpenSSL versions when used in conjunction with OpenSSL 1.0.1.
Thanks, Vit Ondruch, for reporting the issue.
[ruby-core:42949][Bug #6089]
* ext/openssl/ossl_pkcs7.c: fix crash when parsing garbage data.
* test/openssl/test_pkcs7.rb: assert correct behavior for it.
Thanks to Matt Venables for reporting the issue.
[ruby-core:43250][Bug #6134]
* test/openssl/test_x509cert.rb: exclude test that fails when issuing
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_3@35179 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 15 | ||||
| -rw-r--r-- | ext/openssl/ossl_pkcs7.c | 9 | ||||
| -rw-r--r-- | test/openssl/test_pkcs7.rb | 5 | ||||
| -rw-r--r-- | test/openssl/test_x509cert.rb | 3 | ||||
| -rw-r--r-- | version.h | 2 |
5 files changed, 29 insertions, 5 deletions
@@ -1,3 +1,18 @@ +Fri Mar 30 14:17:17 2012 Martin Bosslet <Martin.Bosslet@googlemail.com> + + * ext/openssl/ossl_pkcs7.c: fix crash when parsing garbage data. + * test/openssl/test_pkcs7.rb: assert correct behavior for it. + Thanks to Matt Venables for reporting the issue. + [ruby-core:43250][Bug #6134] + +Fri Mar 30 14:17:17 2012 Martin Bosslet <Martin.Bosslet@googlemail.com> + + * test/openssl/test_x509cert.rb: exclude test that fails when issuing + a certificate with RSA signature and DSS1 digest for earlier + OpenSSL versions when used in conjunction with OpenSSL 1.0.1. + Thanks, Vit Ondruch, for reporting the issue. + [ruby-core:42949][Bug #6089] + Fri Mar 30 14:15:40 2012 Nobuyoshi Nakada <nobu@ruby-lang.org> * string.c (str_new_empty): should copy also the encoding as an diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index f59d3c71d9..b710280c9c 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -318,14 +318,17 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self) arg = ossl_to_der_if_possible(arg); in = ossl_obj2bio(arg); p7 = PEM_read_bio_PKCS7(in, &pkcs, NULL, NULL); - DATA_PTR(self) = pkcs; if (!p7) { OSSL_BIO_reset(in); p7 = d2i_PKCS7_bio(in, &pkcs); - if (!p7) + if (!p7) { + BIO_free(in); + PKCS7_free(pkcs); + DATA_PTR(self) = NULL; ossl_raise(rb_eArgError, "Could not parse the PKCS7"); - DATA_PTR(self) = pkcs; + } } + DATA_PTR(self) = pkcs; BIO_free(in); ossl_pkcs7_set_data(self, Qnil); ossl_pkcs7_set_err_string(self, Qnil); diff --git a/test/openssl/test_pkcs7.rb b/test/openssl/test_pkcs7.rb index 34c523aacc..b17cbda0b2 100644 --- a/test/openssl/test_pkcs7.rb +++ b/test/openssl/test_pkcs7.rb @@ -146,6 +146,11 @@ class OpenSSL::TestPKCS7 < Test::Unit::TestCase assert_equal(3, recip[1].serial) assert_equal(data, p7.decrypt(@rsa1024, @ee2_cert)) end + + def test_graceful_parsing_failure #[ruby-core:43250] + contents = File.read(__FILE__) + assert_raise(ArgumentError) { OpenSSL::PKCS7.new(contents) } + end end end diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb index 8b8c51ceeb..80c31f4d13 100644 --- a/test/openssl/test_x509cert.rb +++ b/test/openssl/test_x509cert.rb @@ -175,7 +175,8 @@ class OpenSSL::TestX509Certificate < Test::Unit::TestCase assert_raise(OpenSSL::X509::CertificateError) do cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::Digest::DSS1.new) - end + end if OpenSSL::OPENSSL_VERSION_NUMBER < 0x10001000 # [ruby-core:42949] + assert_raise(OpenSSL::X509::CertificateError) do cert = issue_cert(@ca, @dsa512, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::Digest::MD5.new) @@ -1,5 +1,5 @@ #define RUBY_VERSION "1.9.3" -#define RUBY_PATCHLEVEL 171 +#define RUBY_PATCHLEVEL 172 #define RUBY_RELEASE_DATE "2012-03-30" #define RUBY_RELEASE_YEAR 2012 |