Bug #9592
closed
Fix segfault with old OpenSSL
Added by nobu (Nobuyoshi Nakada) almost 11 years ago.
Updated over 10 years ago.
Description
r44572 以降、古いOpenSSL(0.9.8kで確認)で、SSL connectionに失敗したときにSEGVすることがあります。
$ ruby -rnet/https -e 'Net::HTTP.get(URI("https://brandymelvilleusa.com"))'
/app/vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:918: [BUG] Segmentation fault
ruby 2.0.0p451 (2014-02-24 revision 45167) [x86_64-linux]
r45271 で修正したのでバックポートをお願いします。
- Description updated (diff)
security fixではないですが、明らかなregressionなので1.9.3にも必要かもしれません。
- Status changed from Open to Closed
- % Done changed from 0 to 100
Applied in changeset ruby-200:r45472.
merge revision(s) r45271: [Backport #9592] [Backport #9670]
* ext/openssl/ossl.c (ossl_make_error): check NULL for unknown
error reasons with old OpenSSL, and insert a colon iff formatted
message is not empty.
- Backport changed from 1.9.3: REQUIRED, 2.0.0: REQUIRED, 2.1: REQUIRED to 1.9.3: REQUIRED, 2.0.0: DONE, 2.1: REQUIRED
r45271 was backported to ruby_2_0_0
at r45472.
コミット連動で閉じてしまいましたが、trunk では修正済みなので Closed にした上で Backport 欄を使うということでそのままにしておきます。
- Backport changed from 1.9.3: REQUIRED, 2.0.0: DONE, 2.1: REQUIRED to 1.9.3: DONE, 2.0.0: DONE, 2.1: REQUIRED
backported into ruby_1_9_3 at r45485. (see #9672)
We saw this error in production with Ruby 2.1.1p76 on Heroku, but I don't know how to reproduce it. Is a backport to 2.1.1 planned? Or including the fix in 2.1.2?
Apr 22 08:03:01 app/worker.1: /app/vendor/ruby-2.1.1/lib/ruby/2.1.0/net/http.rb:920: [BUG] Segmentation fault at 0x00000000000000
Apr 22 08:03:01 app/worker.1: ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-linux]
I suspect it occurs only with very old version OpenSSL, I can't reproduce it on other platforms at least.
It is planned to backport to 2.1, and the next 2.1 will be 2.1.2.
Nobuyoshi Nakada wrote:
I suspect it occurs only with very old version OpenSSL, I can't reproduce it on other platforms at least.
Yes, Heroku is running OpenSSL 0.9.8k 25 Mar 2009 on their Cedar stack.
(heroku run openssl version)
It is planned to backport to 2.1, and the next 2.1 will be 2.1.2.
Thanks. Looking forward to 2.1.2.
- Backport changed from 1.9.3: DONE, 2.0.0: DONE, 2.1: REQUIRED to 1.9.3: DONE, 2.0.0: DONE, 2.1: DONE
r45271 was backported into ruby_2_1
branch at r45778.
- Has duplicate Bug #9839: Segment fault in http added
Also available in: Atom
PDF
Like0
Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0