diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2025-08-01 02:40:02 +0900 |
|---|---|---|
| committer | git <svn-admin@ruby-lang.org> | 2025-08-01 12:03:39 +0000 |
| commit | 3fe4ab0d23150f47e2ee6af0badbe08c070a9a95 (patch) | |
| tree | 3c2f9d6423236cba9eefb285a7bcdf6b12e26c81 /ext/openssl | |
| parent | 1064c63643f1d70ef7253acc1022fdbf4e903b70 (diff) | |
[ruby/openssl] pkcs7: fix error queue leak in OpenSSL::PKCS7#detached
Only call PKCS7_get_detached() if the PKCS7 object is a signed-data.
This is only useful for the content type, and leaves an error entry if
called on a PKCS7 object with a different content type.
https://github.com/ruby/openssl/commit/8997f6d5e6
Diffstat (limited to 'ext/openssl')
| -rw-r--r-- | ext/openssl/ossl_pkcs7.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index c53e512e88..cf49598c89 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -510,6 +510,8 @@ ossl_pkcs7_get_detached(VALUE self) { PKCS7 *p7; GetPKCS7(self, p7); + if (!PKCS7_type_is_signed(p7)) + return Qfalse; return PKCS7_get_detached(p7) ? Qtrue : Qfalse; } |