Bug #3000: Open SSL Segfaults
http://redmine.ruby-lang.org/issues/show/3000

Author: Christian Höltje
Status: Open, Priority: Immediate
Category: core
ruby -v: 1.9.1-p376

According the OpenSSL docs, we need to set the store->ex_data.sk to NULL before doing a verify on an x509 store.

See the attached patch.  It's a simple change and prevents segfaults or undefined behavior when using SSL.  This is probably a security problem, but I don't know enough to figure out how to exploit it.

The patch applies to the latest 1.9.1 as well as the p243 it was written for.


----------------------------------------
http://redmine.ruby-lang.org