diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2018-07-27 17:01:04 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2018-10-17 16:42:36 +0900 |
commit | f653cfa43f0f20e8c440122ea982382b6228e7f5 (patch) | |
tree | 4808109f2ccee9349d5b69caba292092f1c8bc3b /test/test_x509name.rb | |
parent | 1f90516e32ecd755d592002585e97cb78752eae2 (diff) | |
download | ruby-openssl-ky/x509name-cmp-bugfix.tar.gz |
x509name: fix OpenSSL::X509::Name#{cmp,<=>}ky/x509name-cmp-bugfix
Fix wrong use of X509_NAME_cmp() return value. OpenSSL::X509::Name#<=>
could return 0 when the two objects aren't identical.
Reported by Tyler Eckstein. CVE-2018-16395.
Reference: https://hackerone.com/reports/387250
Diffstat (limited to 'test/test_x509name.rb')
-rw-r--r-- | test/test_x509name.rb | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/test/test_x509name.rb b/test/test_x509name.rb index c1dacf4f..6c8fa61b 100644 --- a/test/test_x509name.rb +++ b/test/test_x509name.rb @@ -330,10 +330,16 @@ class OpenSSL::TestX509Name < OpenSSL::TestCase end def test_spaceship - n1 = OpenSSL::X509::Name.parse 'CN=a' - n2 = OpenSSL::X509::Name.parse 'CN=b' - - assert_equal(-1, n1 <=> n2) + n1 = OpenSSL::X509::Name.new([["CN", "a"]]) + n2 = OpenSSL::X509::Name.new([["CN", "a"]]) + n3 = OpenSSL::X509::Name.new([["CN", "ab"]]) + + assert_equal 0, n1 <=> n2 + assert_equal -1, n1 <=> n3 + assert_equal 0, n2 <=> n1 + assert_equal -1, n2 <=> n3 + assert_equal 1, n3 <=> n1 + assert_equal 1, n3 <=> n2 end def name_hash(name) |