* ext/openssl/ossl_asn1.c: Forbid Constructives whose value is not an

Array to prevent segfault. Added test.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31702 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
emboss 2011-05-22 22:00:24 +00:00
parent a65d506d83
commit 7d6529a415
3 changed files with 22 additions and 2 deletions


@ -1,3 +1,8 @@
Mon May 23 06:58:33 2011 Martin Bosslet <Martin.Bosslet@googlemail.com>
* ext/openssl/ossl_asn1.c: Forbid Constructives whose value is not an
Array to prevent segfault. Added test.
Mon May 23 06:33:17 2011 Martin Bosslet <Martin.Bosslet@googlemail.com> Mon May 23 06:33:17 2011 Martin Bosslet <Martin.Bosslet@googlemail.com>
* ext/openssl/ossl_asn1.c: Forbid Constructive without infinite * ext/openssl/ossl_asn1.c: Forbid Constructive without infinite


@ -1225,19 +1225,22 @@ ossl_asn1cons_to_der(VALUE self)
int found_prim = 0, seq_len; int found_prim = 0, seq_len;
long length; long length;
unsigned char *p; unsigned char *p;
VALUE value, str, inf_length, ary, example; VALUE value, str, inf_length;
tn = NUM2INT(ossl_asn1_get_tag(self)); tn = NUM2INT(ossl_asn1_get_tag(self));
tc = ossl_asn1_tag_class(self); tc = ossl_asn1_tag_class(self);
inf_length = ossl_asn1_get_infinite_length(self); inf_length = ossl_asn1_get_infinite_length(self);
if (inf_length == Qtrue) { if (inf_length == Qtrue) {
VALUE ary, example;
constructed = 2; constructed = 2;
if (CLASS_OF(self) == cASN1Sequence || if (CLASS_OF(self) == cASN1Sequence ||
CLASS_OF(self) == cASN1Set) { CLASS_OF(self) == cASN1Set) {
tag = ossl_asn1_default_tag(self); tag = ossl_asn1_default_tag(self);
} }
else { /*BIT_STRING OR OCTET_STRING*/ else { /* must be a constructive encoding of a primitive value */
ary = ossl_asn1_get_value(self); ary = ossl_asn1_get_value(self);
if (!rb_obj_is_kind_of(ary, rb_cArray))
ossl_raise(eASN1Error, "Constructive value must be an Array");
/* Recursively descend until a primitive value is found. /* Recursively descend until a primitive value is found.
The overall value of the entire constructed encoding The overall value of the entire constructed encoding
is of the type of the first primitive encoding to be is of the type of the first primitive encoding to be
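Review bot: The new `rb_obj_is_kind_of(ary, rb_cArray)` guard checks only the value of the outermost object in the `else` branch, while the comment directly below it says the code then descends recursively until a primitive value is found. That loop is outside this hunk, so this is inferred, but if it reassigns `ary` from a nested constructive's value, a non-Array value one level down would reach the array access unchecked. In that case the guard should be repeated after each reassignment: `if (!rb_obj_is_kind_of(ary, rb_cArray)) ossl_raise(eASN1Error, "Constructive value must be an Array");`. The hunk also does not show whether the Sequence/Set branch and the definite-length path reject a non-Array value before using it as one, which is worth confirming. `ossl_asn1cons_to_der` starts and ends outside the hunk.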


@ -254,6 +254,18 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
end end
end end
def test_cons_without_array_forbidden
assert_raise(OpenSSL::ASN1::ASN1Error) do
val = OpenSSL::ASN1::OctetString.new('a')
cons = OpenSSL::ASN1::Constructive.new(val,
OpenSSL::ASN1::OCTET_STRING,
nil,
:UNIVERSAL)
cons.infinite_length = true
cons.to_der
end
end
def test_seq_infinite_length def test_seq_infinite_length
begin begin
content = [ OpenSSL::ASN1::Null.new(nil), content = [ OpenSSL::ASN1::Null.new(nil),
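Review bot: The `assert_raise` block in `test_cons_without_array_forbidden` wraps the `OctetString.new` and `Constructive.new` calls and the `infinite_length=` assignment as well as `cons.to_der`, so an `ASN1Error` raised by any setup step would make the test pass without exercising the new check. Build `cons` before the block and assert only on the encoding step: `assert_raise(OpenSSL::ASN1::ASN1Error) { cons.to_der }`. The test covers only a top-level non-Array value; a second case with a non-Array value inside a nested Constructive would also pin down the recursive descent. The trailing lines of the hunk belong to `test_seq_infinite_length`, which continues outside it.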