Project

General

Profile

Bug #20937

Updated by akiellor (Andrew Kiellor) 13 days ago

We've observed a recurring "can't set length of shared string" error in production emerging from the `aws-sdk-s3` library when using it's client encryption features. The sdk in this mode uses OpenSSL::Cipher in decrypt mode with a String buffer. It appears that under some circumstances the buffer becomes a "shared string" and is no longer compatible with the requirements of OpenSSL::Cipher#update. 

 I've attached a reproduction scenario using only the ruby standard library. 

 ``` shell 
 $ ruby -v 
 ruby 3.3.6 (2024-11-05 revision 75015d4c1f) +YJIT [arm64-darwin23] 
 $ ruby scripty.rb 
 scripty.rb:32:in `update': can't set length of shared string (RuntimeError) 
	 from scripty.rb:32:in `block (2 levels) in <main>' 
	 from scripty.rb:31:in `each' 
	 from scripty.rb:31:in `block in <main>' 
	 from /nix/store/fhmbmmzr4h5yax66nl2x44rrdf039b3s-ruby-3.3.6/lib/ruby/3.3.0/tempfile.rb:447:in `create' 
	 from scripty.rb:26:in `<main>' 
 ``` 

 The attached script has a few different read patterns, some fail and some do not. 

 Credit for isolating this issue goes to [@simoleone](https://bugs.ruby-lang.org/users/55425).

Back