Project

General

Profile

Actions

Bug #20937

open

"can't set length of shared string" error when using OpenSSL::Cipher#update with buffer

Added by akiellor (Andrew Kiellor) 13 days ago. Updated 12 days ago.

Status:
Open
Target version:
-
ruby -v:
ruby 3.3.6 (2024-11-05 revision 75015d4c1f) +YJIT [arm64-darwin23]
[ruby-core:120141]

Description

We've observed a recurring "can't set length of shared string" error in production emerging from the aws-sdk-s3 library when using it's client encryption features. The sdk in this mode uses OpenSSL::Cipher in decrypt mode with a String buffer. It appears that under some circumstances the buffer becomes a "shared string" and is no longer compatible with the requirements of OpenSSL::Cipher#update.

I've attached a reproduction scenario using only the ruby standard library.

$ ruby -v
ruby 3.3.6 (2024-11-05 revision 75015d4c1f) +YJIT [arm64-darwin23]
$ ruby scripty.rb
scripty.rb:32:in `update': can't set length of shared string (RuntimeError)
	from scripty.rb:32:in `block (2 levels) in <main>'
	from scripty.rb:31:in `each'
	from scripty.rb:31:in `block in <main>'
	from /nix/store/fhmbmmzr4h5yax66nl2x44rrdf039b3s-ruby-3.3.6/lib/ruby/3.3.0/tempfile.rb:447:in `create'
	from scripty.rb:26:in `<main>'

The attached script has a few different read patterns, some fail and some do not.

Credit for isolating this issue goes to @simoleone.


Files

scripty.rb (1.15 KB) scripty.rb akiellor (Andrew Kiellor), 12/09/2024 07:07 PM
Actions

Also available in: Atom PDF

Like1
Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0