author | Kazuki Yamaguchi <k@rhe.jp> | 2016-10-22 11:23:49 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-10-22 11:23:49 +0900 |
commit | b2985a73e393293bb3005389ad73152f174eb653 (patch) | |
tree | 37015cd5d613727aeb4c29b7b47dc79595f5c19b | |
parent | aba7b1694019189012a4c8f16be8b92e52817bfc (diff) | |
download | ruby-openssl-b2985a73e393293bb3005389ad73152f174eb653.tar.gz |
Fix possible RangeError in ossl_pem_passwd_cb()
Avoid RSTRING_LENINT() which may raise RangeError.
Since ossl_pem_passwd_cb() is supposed to be called from OpenSSL as a
callback, we must not do longjmp from it.
-rw-r--r-- | ext/openssl/ossl.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index 7b5482c1..8c28c714 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -168,7 +168,8 @@ ossl_pem_passwd_cb0(VALUE flag)
 int
 ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
 {
- int len, status;
+ long len;
+ int status;
 VALUE rflag, pass = (VALUE)pwd_;
 
 if (RTEST(pass)) {
@@ -176,7 +177,7 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
 * work because it does not allow NUL characters and truncates to 1024
 * bytes silently if the input is over 1024 bytes */
 if (RB_TYPE_P(pass, T_STRING)) {
- len = RSTRING_LENINT(pass);
+ len = RSTRING_LEN(pass);
 if (len >= OSSL_MIN_PWD_LEN && len <= max_len) {
 memcpy(buf, RSTRING_PTR(pass), len);
 return len;
@@ -203,7 +204,7 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
 rb_set_errinfo(Qnil);
 return -1;
 }
- len = RSTRING_LENINT(pass);
+ len = RSTRING_LEN(pass);
 if (len < OSSL_MIN_PWD_LEN) {
 rb_warning("password must be at least %d bytes", OSSL_MIN_PWD_LEN);
 continue;
@@ -215,7 +216,7 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
 memcpy(buf, RSTRING_PTR(pass), len);
 break;
 }
- return len;
+ return (int)len;
 }
 
 /* |
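Review bot: The early `return len;` in the `T_STRING` branch (second hunk, -176/+177) now narrows a `long` to `int` implicitly, while the final return in the last hunk gets an explicit cast. The `len <= max_len` test on the line before the `memcpy` bounds the value, so nothing truncates, but I would write `return (int)len;` here as well so both exits read the same and `-Wconversion` stays quiet. The function body starts and ends outside this hunk.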
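Review bot: The `rb_warning()` call kept as context in the third hunk (-203/+204) looks like another way for this callback to leave through a longjmp, which is what the commit sets out to prevent. If emitting the warning can raise (for instance when the error stream has been replaced by an object whose write fails; I have not confirmed this for the supported Ruby versions), the exception would unwind through OpenSSL's frames just as the RangeError did. Consider issuing the warning from inside the protected call that, judging by the `rb_set_errinfo(Qnil)` above, already wraps the password block, or at least record the hazard with `/* NOTE: rb_warning() may raise; it must not escape this callback */`. The loop this sits in starts and ends outside the hunk.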
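Review bot: The `(int)len` cast on the final return (last hunk, -215/+216) is only safe if every path reaching it has checked `len <= max_len`, and that check is not visible in any hunk here; the loop test shown in the third hunk enforces only the lower bound `OSSL_MIN_PWD_LEN`. The same upper bound is what keeps `memcpy(buf, RSTRING_PTR(pass), len)` two lines earlier inside `buf`. Presumably the check sits in the lines between the third and fourth hunks, so a short comment above the `memcpy` such as `/* len is within [OSSL_MIN_PWD_LEN, max_len] here */` would make the invariant explicit for the next change to this loop.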