Project

General

Profile

Actions

Bug #12428

closed

OpenSSL::PKey::RSA.public_encrypt crashes ruby when initiated without key size.

Added by cjeon (CHEOLHO JEON) almost 8 years ago. Updated over 7 years ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-darwin15]
[ruby-core:75720]

Description

Hi, I think I found a bug. OpenSSL::PKey::RSA initiated without keysize crashes when public_encrypt is called.
Below script will crash ruby (it is attached as opensslcrash.rb)

require('openssl')
p = OpenSSL::PKey::RSA.new
p.public_encrypt('hi')

I'm attaching error message(ruby opensslcrash.rb &> error_message.txt) and crash reports under /Users/CJeon/Library/Logs/DiagnosticReports.

Let me know if you guys need further information. Thanks!


Files

error_message.txt (7.03 KB) error_message.txt error message cjeon (CHEOLHO JEON), 05/25/2016 11:28 AM
crash.tar (149 KB) crash.tar crash reports cjeon (CHEOLHO JEON), 05/25/2016 11:28 AM
opensslcrash.rb (276 Bytes) opensslcrash.rb cjeon (CHEOLHO JEON), 05/25/2016 11:34 AM

Related issues 1 (0 open1 closed)

Has duplicate Ruby master - Bug #12865: openssl: segmentation fault when nil is passed as keyClosedActions
Actions #2

Updated by Anonymous almost 8 years ago

  • Status changed from Open to Closed

Applied in changeset r55175.


openssl: avoid NULL dereference in {DH,DSA,RSA}_size()

  • ext/openssl/ossl_pkey_dh.c (ossl_dh_compute_key): Check that the DH
    has 'p' (the prime) before calling DH_size(). We can create a DH with
    no parameter but DH_size() does not check and dereferences NULL.
    [ruby-core:75720] [Bug #12428]

  • ext/openssl/ossl_pkey_dsa.c (ossl_dsa_sign): Ditto. DSA_size() does
    not check dsa->q.

  • ext/openssl/ossl_pkey_rsa.c (ossl_rsa_public_encrypt,
    ossl_rsa_public_decrypt, ossl_rsa_private_encrypt,
    ossl_rsa_private_decrypt): Ditto. RSA_size() does not check rsa->n.

Updated by usa (Usaku NAKAMURA) almost 8 years ago

  • Backport changed from 2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN to 2.1: WONTFIX, 2.2: REQUIRED, 2.3: REQUIRED

Updated by nagachika (Tomoyuki Chikanaga) over 7 years ago

  • Backport changed from 2.1: WONTFIX, 2.2: REQUIRED, 2.3: REQUIRED to 2.1: WONTFIX, 2.2: REQUIRED, 2.3: DONE

ruby_2_3 r55904 merged revision(s) 55175.

Updated by usa (Usaku NAKAMURA) over 7 years ago

  • Backport changed from 2.1: WONTFIX, 2.2: REQUIRED, 2.3: DONE to 2.1: WONTFIX, 2.2: DONE, 2.3: DONE

ruby_2_2 r55935 merged revision(s) 55175.

Actions #6

Updated by nobu (Nobuyoshi Nakada) over 7 years ago

  • Has duplicate Bug #12865: openssl: segmentation fault when nil is passed as key added
Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0