[ruby/openssl] pkcs7: raise ArgumentError for PKCS7 with no content in PKCS7.new

Fixes [Bug #19974] [pkuzco: expanded the fix for other content types] [ky: adjusted formatting and the exception type] https://github.com/ruby/openssl/commit/27e11f2d1d Co-authored-by: pkuzco <b.naamneh@gmail.com> Co-authored-by: Kazuki Yamaguchi <k@rhe.jp>
2023-10-27 09:08:11 -07:00 · 2023-10-27 09:08:11 -07:00 · c9aa63a9e0
commit c9aa63a9e0
parent eb6f0000a4
2 changed files with 7 additions and 0 deletions
--- a/ext/openssl/ossl_pkcs7.c
+++ b/ext/openssl/ossl_pkcs7.c
@ -346,6 +346,8 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
    BIO_free(in);
    if (!p7)
        ossl_raise(rb_eArgError, "Could not parse the PKCS7");
+    if (!p7->d.ptr)
+        ossl_raise(rb_eArgError, "No content in PKCS7");

    RTYPEDDATA_DATA(self) = p7;
    PKCS7_free(p7_orig);
--- a/test/openssl/test_pkcs7.rb
+++ b/test/openssl/test_pkcs7.rb
@ -155,6 +155,11 @@ class OpenSSL::TestPKCS7 < OpenSSL::TestCase
    assert_equal(data, p7.decrypt(@rsa1024))
  end

+  def test_empty_signed_data_ruby_bug_19974
+    data = "-----BEGIN PKCS7-----\nMAsGCSqGSIb3DQEHAg==\n-----END PKCS7-----\n"
+    assert_raise(ArgumentError) { OpenSSL::PKCS7.new(data) }
+  end
+
  def test_graceful_parsing_failure #[ruby-core:43250]
    contents = File.read(__FILE__)
    assert_raise(ArgumentError) { OpenSSL::PKCS7.new(contents) }