[ruby-cvs:66978] usa:r59800 (ruby_2_3): asn1: fix out-of-bounds read in decoding constructed objects

usa at ruby-lang.org usa at ruby-lang.org
Sat Sep 9 23:06:50 JST 2017


usa	2017-09-09 23:06:50 +0900 (Sat, 09 Sep 2017)

  New Revision: 59800

  https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=59800

  Log:
    asn1: fix out-of-bounds read in decoding constructed objects
    
    * OpenSSL::ASN1.{decode,decode_all,traverse}: have a bug of
      out-of-bounds read. int_ossl_asn1_decode0_cons() does not give the
      correct available length to ossl_asn1_decode() when decoding the
      inner components of a constructed object. This can cause
      out-of-bounds read if a crafted input given.
    
    Reference: https://hackerone.com/reports/170316
    https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b

  Modified files:
    branches/ruby_2_3/ChangeLog
    branches/ruby_2_3/ext/openssl/ossl_asn1.c
    branches/ruby_2_3/test/openssl/test_asn1.rb
    branches/ruby_2_3/version.h


More information about the ruby-cvs mailing list