Bug #12783
Closed
Segmentation fault when verifying RSA signature
Description
I ran into a segfault while using the json-jwt gem; it happens when trying to verify the RSA signature using the OpenSSL library. I've attached a minimal test case which triggers the segfault without going through json-jwt, along with the binary input data. The original non-binary format of the signature/JWT seems to be correct according to the validator at https://jwt.io/.
I'm on Debian sid with libssl 1.0.2h-1, and I could reproduce the segfault with several Ruby versions from 2.4.0-preview2 back to 2.1.10 (didn't try earlier ones). I also tried the newer libssl 1.1 (which caused compile errors with Ruby 2.3.1) as well as 1.0.1 (which I gave up on because I couldn't find out how to force Ruby to compile with the older version).
Let me know if there's more debugging information I can provide you with.
Updated by rhenium (Kazuki Yamaguchi) about 9 years ago
- Status changed from Open to Closed
- Assignee changed from MartinBosslet (Martin Bosslet) to rhenium (Kazuki Yamaguchi)
Thanks for reporting!
Fixed upstream by commit:
https://github.com/ruby/openssl/commit/0e49794521db899ab25774e932f83d6ce452a8ec