From ce635262f53b760284d56bb1027baebaaec175d1 Mon Sep 17 00:00:00 2001
From: rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Tue, 24 May 2016 13:09:03 +0000
Subject: openssl: make Cipher#key= and #iv= reject too long values

* ext/openssl/ossl_cipher.c (ossl_cipher_set_key, ossl_cipher_set_iv):
  Reject too long values as well as too short ones. Currently they
  just truncate the input but this would hide bugs and lead to
  unexpected encryption/decryption results.

* test/openssl/test_cipher.rb: Test that Cipher#key= and #iv= reject
  Strings with invalid length.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index c409003e89..54f67390e4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+Tue May 24 22:04:15 2016  Kazuki Yamaguchi  <k@rhe.jp>
+
+	* ext/openssl/ossl_cipher.c (ossl_cipher_set_key, ossl_cipher_set_iv):
+	  Reject too long values as well as too short ones. Currently they
+	  just truncate the input but this would hide bugs and lead to
+	  unexpected encryption/decryption results.
+
+	* test/openssl/test_cipher.rb: Test that Cipher#key= and #iv= reject
+	  Strings with invalid length.
+
 Tue May 24 21:32:21 2016  Kazuki Yamaguchi  <k@rhe.jp>
 
 	* ext/openssl/ossl_x509ext.c (ossl_x509ext_set_value): Use
-- 
cgit v1.2.3