Merge openssl-4.0.2ruby_4_0

The changes can be found at: https://github.com/ruby/openssl/compare/v4.0.1...v4.0.2
author: Kazuki Yamaguchi <k@rhe.jp> 2026-05-14 00:47:15 +0900
committer: Takashi Kokubun <takashikkbn@gmail.com> 2026-05-13 15:01:28 -0700
commit: cd38f6c5e141f18de1001b36baf3f18162d3d333 (patch)
tree: 5c42ff14366d8eb74115842973f7aa9579d2939b /test/openssl/test_ossl.rb
parent: 729e1512dfad3d341ed5916c87a500bce378545b (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/test/openssl/test_ossl.rb b/test/openssl/test_ossl.rb
index 51262985f5..1b9bde53ef 100644
--- a/test/openssl/test_ossl.rb
+++ b/test/openssl/test_ossl.rb
@@ -24,6 +24,16 @@ class OpenSSL::TestOSSL < OpenSSL::TestCase
     assert_raise(ArgumentError) { OpenSSL.fixed_length_secure_compare("aaa", "bbbb") }
   end
 
+  def test_fixed_length_secure_compare_uaf
+    str1 = "A" * 1000000
+    evil_obj = Object.new
+    evil_obj.define_singleton_method(:to_str) do
+      str1.replace("C" * 1000000)
+      "B" * 1000000
+    end
+    assert_false(OpenSSL.fixed_length_secure_compare(str1, evil_obj))
+  end
+
   def test_secure_compare
     assert_false(OpenSSL.secure_compare("aaa", "a"))
     assert_false(OpenSSL.secure_compare("aaa", "aa"))
author	Kazuki Yamaguchi <k@rhe.jp>	2026-05-14 00:47:15 +0900
committer	Takashi Kokubun <takashikkbn@gmail.com>	2026-05-13 15:01:28 -0700
commit	cd38f6c5e141f18de1001b36baf3f18162d3d333 (patch)
tree	5c42ff14366d8eb74115842973f7aa9579d2939b /test/openssl/test_ossl.rb
parent	729e1512dfad3d341ed5916c87a500bce378545b (diff)