Project

General

Profile

Actions
Copy link

Bug #5062

closed

double free in OpenSSL::Engine

Added by ohai (Ippei Obayashi) over 13 years ago. Updated over 13 years ago.

Status:
Closed
Assignee:
MartinBosslet (Martin Bosslet)
Target version:
1.9.3
ruby -v:
ruby 1.9.4dev (2011-07-20 trunk 32586) [x86_64-linux]
Backport:
[ruby-dev:44173]

Description

以下のコードを実行すると終了時にglibcがdouble freeを検出して停止します。
require 'openssl'
OpenSSL::Engine.load
OpenSSL::Engine.engines
OpenSSL::Engine.engines
停止時の出力を添付します。

ENGINE_get_nextが前に返したengineのref countを下げるのが原因のようで、添付したパッチでとりあえず直ります。

Files

Download all files
engine_bug.log (5.9 KB) engine_bug.log ohai (Ippei Obayashi), 07/21/2011 02:49 AM
ossl_engine_doublefree.patch (406 Bytes) ossl_engine_doublefree.patch ohai (Ippei Obayashi), 07/21/2011 02:49 AM
Actions
Copy link
 #1 [ruby-dev:44174]

Updated by MartinBosslet (Martin Bosslet) over 13 years ago

  • Status changed from Open to Assigned
  • Assignee set to MartinBosslet (Martin Bosslet)
  • Target version set to 1.9.3

Thanks Ippei,

I'll take a look at it!

Actions
Copy link
 #2 [ruby-dev:44178]

Updated by kosaki (Motohiro KOSAKI) over 13 years ago

  • Priority changed from Normal to 5
Actions
Copy link
 #3

Updated by Anonymous over 13 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r32604.
Ippei, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.

  • ext/openssl/ossl_engine.c: Avoid double free of ENGINE reference.
  • test/openssl/test_engine.rb: Add a test for it.
    Thanks to Ippei Obayashi for providing the patch.
    [ Ruby 1.9 - Bug #5062 ] [ruby-dev:44173]
Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0Like0