diff options
author | normal <normal@ruby-lang.org> | 2016-08-06 21:50:10 +0000 |
---|---|---|
committer | normal <normal@ruby-lang.org> | 2016-08-06 21:50:10 +0000 |
commit | f8316bff03aa6c510ac801b4367bab74a3b7c2c5 (patch) | |
tree | 75c2979c72e61e72cb00a49f217731221465684f | |
parent | f3afe3b1299c57ac723af59ba6208ec1f94abf57 (diff) | |
download | ruby-openssl-history-f8316bff03aa6c510ac801b4367bab74a3b7c2c5.tar.gz |
openssl: avoid undefined behavior on empty SSL_write
SSL_write(3ssl) manpage has this in the WARNINGS section:
When calling SSL_write() with num=0 bytes to be sent the
behaviour is undefined.
And indeed, the new test case demonstrates failures when
empty strings are used. So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.
* ext/openssl/ossl_ssl.c (ossl_ssl_write_internal):
avoid undefined behavior
* test/openssl/test_pair.rb (test_write_zero): new test
[ruby-core:76751] [Bug #12660]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55822 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ext/openssl/ossl_ssl.c | 8 | ||||
-rw-r--r-- | test/test_pair.rb | 11 |
2 files changed, 18 insertions, 1 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index 5876946..a180ff2 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -1744,7 +1744,13 @@ ossl_ssl_write_internal(VALUE self, VALUE str, VALUE opts) if (ssl_started(ssl)) { for (;;){ - nwrite = SSL_write(ssl, RSTRING_PTR(str), RSTRING_LENINT(str)); + int num = RSTRING_LENINT(str); + + /* SSL_write(3ssl) manpage states num == 0 is undefined */ + if (num == 0) + goto end; + + nwrite = SSL_write(ssl, RSTRING_PTR(str), num); switch(ssl_get_error(ssl, nwrite)){ case SSL_ERROR_NONE: goto end; diff --git a/test/test_pair.rb b/test/test_pair.rb index 5750f3b..d611d0f 100644 --- a/test/test_pair.rb +++ b/test/test_pair.rb @@ -311,6 +311,17 @@ module OpenSSL::TestPairM } end + def test_write_zero + ssl_pair {|s1, s2| + assert_equal 0, s2.write_nonblock('', exception: false) + assert_kind_of Symbol, s1.read_nonblock(1, exception: false) + assert_equal 0, s2.syswrite('') + assert_kind_of Symbol, s1.read_nonblock(1, exception: false) + assert_equal 0, s2.write('') + assert_kind_of Symbol, s1.read_nonblock(1, exception: false) + } + end + def tcp_pair host = "127.0.0.1" serv = TCPServer.new(host, 0) |