merge revision(s) 55175: [Backport #12428]

	* ext/openssl/ossl_pkey_dh.c (ossl_dh_compute_key): Check that the DH
	  has 'p' (the prime) before calling DH_size(). We can create a DH with
	  no parameter but DH_size() does not check and dereferences NULL.
	  [ruby-core:75720] [Bug #12428]

	* ext/openssl/ossl_pkey_dsa.c (ossl_dsa_sign): Ditto. DSA_size() does
	  not check dsa->q.

	* ext/openssl/ossl_pkey_rsa.c (ossl_rsa_public_encrypt,
	  ossl_rsa_public_decrypt, ossl_rsa_private_encrypt,
	  ossl_rsa_private_decrypt): Ditto. RSA_size() does not check rsa->n.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@55904 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 14 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 065f58900f..396f4cb723 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,17 @@
+Tue Aug 16 03:41:21 2016  Kazuki Yamaguchi  <k@rhe.jp>
+
+	* ext/openssl/ossl_pkey_dh.c (ossl_dh_compute_key): Check that the DH
+	  has 'p' (the prime) before calling DH_size(). We can create a DH with
+	  no parameter but DH_size() does not check and dereferences NULL.
+	  [ruby-core:75720] [Bug #12428]
+
+	* ext/openssl/ossl_pkey_dsa.c (ossl_dsa_sign): Ditto. DSA_size() does
+	  not check dsa->q.
+
+	* ext/openssl/ossl_pkey_rsa.c (ossl_rsa_public_encrypt,
+	  ossl_rsa_public_decrypt, ossl_rsa_private_encrypt,
+	  ossl_rsa_private_decrypt): Ditto. RSA_size() does not check rsa->n.
+
 Tue Aug 16 03:10:42 2016  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* transcode.c (enc_arg, str_transcode_enc_args, econv_args):