path: root/ext/openssl/ossl_ssl.c
diff options
authornormal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-08-06 21:50:10 +0000
committernormal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-08-06 21:50:10 +0000
commit7513d54659fe8cd07022e07f32e1da640c96f0c3 (patch)
tree7068a00b66955ab19380ac57dab3d66350ba4386 /ext/openssl/ossl_ssl.c
parenta62dcd947c0bc52868beb3ddb1c570ac2ea46636 (diff)
openssl: avoid undefined behavior on empty SSL_write
SSL_write(3ssl) manpage has this in the WARNINGS section: When calling SSL_write() with num=0 bytes to be sent the behaviour is undefined. And indeed, the new test case demonstrates failures when empty strings are used. So, match the behavior of IO#write, IO#write_nonblock, and IO#syswrite by returning zero, as the OpenSSL::SSL::SSLSocket API already closely mimics the IO one. * ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior * test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_ssl.c')
1 files changed, 7 insertions, 1 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 5876946..a180ff2 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -1744,7 +1744,13 @@ ossl_ssl_write_internal(VALUE self, VALUE str, VALUE opts)
if (ssl_started(ssl)) {
for (;;){
- nwrite = SSL_write(ssl, RSTRING_PTR(str), RSTRING_LENINT(str));
+ int num = RSTRING_LENINT(str);
+ /* SSL_write(3ssl) manpage states num == 0 is undefined */
+ if (num == 0)
+ goto end;
+ nwrite = SSL_write(ssl, RSTRING_PTR(str), num);
switch(ssl_get_error(ssl, nwrite)){
goto end;