[ruby-cvs:67081] usa:r59903 (ruby_2_2): asn1: fix out-of-bounds read in decoding constructed objects

usa at ruby-lang.org usa at ruby-lang.org
Thu Sep 14 20:41:59 JST 2017


usa	2017-09-14 20:41:59 +0900 (Thu, 14 Sep 2017)

  New Revision: 59903

  https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=59903

  Log:
    asn1: fix out-of-bounds read in decoding constructed objects
    
    * OpenSSL::ASN1.{decode,decode_all,traverse}: have a bug of
      out-of-bounds read. int_ossl_asn1_decode0_cons() does not give the
      correct available length to ossl_asn1_decode() when decoding the
      inner components of a constructed object. This can cause
      out-of-bounds read if a crafted input given.
    
    Reference: https://hackerone.com/reports/170316
    https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b

  Modified files:
    branches/ruby_2_2/ChangeLog
    branches/ruby_2_2/ext/openssl/ossl_asn1.c
    branches/ruby_2_2/test/openssl/test_asn1.rb
    branches/ruby_2_2/version.h


More information about the ruby-cvs mailing list