From: Matt Venables Date: 2012-03-13T22:34:43+09:00 Subject: [ruby-core:43264] [ruby-trunk - Bug #6134] Ruby crashes when calling OpenSSL::PKCS7.new with invalid PKCS7 data Issue #6134 has been updated by Matt Venables. Running "openssl version" gives me (I don't believe this has been upgraded): OpenSSL 0.9.8r 8 Feb 2011 I reinstalled 1.9.2-p318 (and 1.9.2-p180) and everything worked as expected (same as before - no segfault). I then reinstalled 1.9.3-p125 and 1.9.3-head (p163) and had the same segfault on both versions. For completeness, I tried the same code on a clean Ubuntu install (Ubuntu 11.10 codename oneiric) with the exact same results (1.9.2 passes, 1.9.3-p125 and 1.9.3-head both segfault) openssl version: OpenSSL 1.0.0e 6 Sep 2011 ruby 1.9.2 version (PASS): ruby 1.9.2p290 (2011-07-09 revision 32553) [x86_64-linux] ruby 1.9.3 version (SEGFAULT): ruby 1.9.3p125 (2012-02-16 revision 34643) [x86_64-linux] ruby 1.9.3-head version (SEGFAULT): ruby 1.9.3p163 (2012-03-06 revision 34932) [x86_64-linux] Another thing worth noting - if the test script was modified to use valid PKCS7 data, the script passes on all systems. It only segfaults when invalid data is used. ---------------------------------------- Bug #6134: Ruby crashes when calling OpenSSL::PKCS7.new with invalid PKCS7 data https://bugs.ruby-lang.org/issues/6134 Author: Matt Venables Status: Assigned Priority: Normal Assignee: Martin Bosslet Category: ext Target version: 1.9.3 ruby -v: ruby 1.9.3p125 (2012-02-16 revision 34643) [x86_64-darwin11.3.0] Reproducing steps: Run the following script in 1.9.3-p125 (it is attached to the issue as well) require 'openssl' contents = File.read(__FILE__) begin OpenSSL::PKCS7.new(contents) puts "OK" rescue => e puts "Error!" puts e end Expected Result: Ruby should not crash, the exception should be caught, and the script should output: "Error!" followed by the exception ("Could not parse the PKCS7: ...") Actual Result: The script outputs "Error!" followed by the exception, and ruby segfaults. (Crash report attached). The script occasionally operates as expected, but running it 3 or 4 times will always yield the segmentation fault. This only happens in 1.9.3 (1.9.2 is working fine). Tested on: 1.9.3-p0 (ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-darwin11.3.0]) 1.9.3-p125 (ruby 1.9.3p125 (2012-02-16 revision 34643) [x86_64-darwin11.3.0]) 1.9.3-head (ruby 1.9.3p163 (2012-03-06 revision 34932) [x86_64-darwin11.3.0]) -- http://bugs.ruby-lang.org/