Bug #9677

closed

OpenSSL::PKey::EC#to_text causes a segmentation fault

Added by DavidEGrayson (David Grayson) over 11 years ago. Updated over 9 years ago.

Status: Third Party's Issue
Assignee: -
Target version: -
ruby -v: ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-linux]
[ruby-core:61690]

Description

I have Ruby 2.1.1p76 and when I try to run a particular snippet of code using the OpenSSL extension, I get a segmentation fault. I am running Arch Linux and I have openssl 1.0.1.f-1. I built Ruby from source. This bug also affects Ruby 2.1.0.

Here is a snippet of shell output showing the Ruby command that causes the problem:

$ ruby -v -ropenssl -e "OpenSSL::PKey::EC.new('secp256k1').to_text"
ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-linux]
-e:1: [BUG] Segmentation fault at 0x00000000000000
...

I attached a text file with the full output from Ruby to this bug report.

This other OpenSSL segmentation fault issue might be related:

https://bugs.ruby-lang.org/issues/9592


Files

openssl_to_text_segfault.txt (15.7 KB): Full output, including stack trace. DavidEGrayson (David Grayson), 03/26/2014 05:51 AM

Updated by samkottler (Sam Kottler) over 11 years ago #1 [ruby-core:62320]

Thanks for the report! I'm looking into this now.

Updated by samkottler (Sam Kottler) over 11 years ago #2 [ruby-core:62321]

It's worth noting that this segfault happens not only on Arch, but also on OSX, Debian, and Fedora. That makes it seem like a generic issue which is not isolated to Arch.

Updated by phasis68 (Heesob Park) over 11 years ago #3 [ruby-core:62443]

I found that the segmentation fault occurs when a public_key is not set.
Here is a patch.

diff --git a/ossl_pkey_ec.c b/ossl_pkey_ec.c
index 5e419bd..070bfc4 100644
--- a/ossl_pkey_ec.c
+++ b/ossl_pkey_ec.c
@@ -574,6 +574,13 @@ static VALUE ossl_ec_key_to_text(VALUE self)
     VALUE str;
 
     Require_EC_KEY(self, ec);
+
+    if (EC_KEY_get0_public_key(ec) == NULL)
+        ossl_raise(eECError, "can't export - no public key set");
+
+    if (EC_KEY_check_key(ec) != 1)
+        ossl_raise(eECError, "can't export - EC_KEY_check_key failed");
+    
     if (!(out = BIO_new(BIO_s_mem()))) {
         ossl_raise(eECError, "BIO_new(BIO_s_mem())");
     }
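
Review bot: The EC_KEY_check_key(ec) != 1 check added after the NULL test goes further than the cause given for the crash (no public key set), which the EC_KEY_get0_public_key(ec) == NULL check already covers. With it, to_text raises for any key that fails validation instead of printing it, and it runs that validation on every call; consider dropping it or stating why a text dump needs a validated key. The added blank line just before the BIO_new call carries trailing whitespace, and a regression test for OpenSSL::PKey::EC.new('secp256k1').to_text would document the case this fixes.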

Updated by zzak (zzak _) about 10 years ago #4

  • Assignee changed from MartinBosslet (Martin Bosslet) to 7150

Updated by rhenium (Kazuki Yamaguchi) over 9 years ago #5 [ruby-core:76036]

  • Status changed from Open to Third Party's Issue

This is OpenSSL RT3065, and fixed in OpenSSL 1.0.0o, 1.0.1j and 1.0.2.

https://rt.openssl.org/Ticket/Display.html?id=3065

I think this is no longer an issue so I'm closing this, but let me know if this still occurs.
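
A Ruby-level guard for the condition identified in this thread (to_text on an EC key with no public key, linked against an OpenSSL older than the fixed releases named above), added here as an example; it is not code from the reporter or from Ruby's OpenSSL extension. `rt3065_fixed?` and `safe_ec_to_text` are hypothetical helper names, and treating unrecognised or pre-1.0.0 version strings as not fixed is an assumption.

```ruby
require 'openssl'

# Fixed releases per branch, taken from the last comment in this thread.
# The 1.0.2 branch and everything newer already contains the fix.
RT3065_FIXED = { [1, 0, 0] => 'o', [1, 0, 1] => 'j' }.freeze

# Parse strings like "OpenSSL 1.0.1f 6 Jan 2014" or "OpenSSL 3.0.13 30 Jan 2024".
# An optional "-fips" build suffix is accepted; pre-release tags are not.
# Returns [[major, minor, fix], patch_letters] or nil if it is not recognised.
def parse_openssl_version(str)
  m = /\AOpenSSL (\d+)\.(\d+)\.(\d+)([a-z]*)(?:-fips)?(?=\s|\z)/.match(str)
  m && [[m[1].to_i, m[2].to_i, m[3].to_i], m[4]]
end

# true only when the string names an upstream release that has the fix.
# Assumption: anything unparseable (e.g. LibreSSL) or older than 1.0.0 is
# treated as not fixed, since the thread says nothing about those.
# Distribution builds may backport fixes without changing this string.
def rt3065_fixed?(str)
  branch, letters = parse_openssl_version(str)
  return false unless branch
  return true if (branch <=> [1, 0, 2]) >= 0
  fixed = RT3065_FIXED[branch]
  return false unless fixed
  # Patch letters order as a, b, ..., z, za, zb: compare length, then text.
  ([letters.length, letters] <=> [fixed.length, fixed]) >= 0
end

# Hypothetical wrapper: refuse to call to_text on a key without a public key
# when the linked OpenSSL predates the fix, instead of crashing the process.
def safe_ec_to_text(key, lib = OpenSSL::OPENSSL_LIBRARY_VERSION)
  if key.public_key.nil? && !rt3065_fixed?(lib)
    raise OpenSSL::PKey::ECError, "no public key set and #{lib} lacks the RT3065 fix"
  end
  key.to_text
end
```
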
