Issue #6134 has been updated by Martin Bosslet.

Category set to ext
Status changed from Open to Assigned
Assignee set to Martin Bosslet
Target version set to 1.9.3

Thank you for reporting this issue. Could you please verify that your (native) OpenSSL library has not been upgraded in the meantime? If it was, could you please additionally check if the problem still does not occur when using a re-installed 1.9.2 with this newer version of OpenSSL? Thanks,

-Martin
----------------------------------------
Bug #6134: Ruby crashes when calling OpenSSL::PKCS7.new with invalid PKCS7 data
https://bugs.ruby-lang.org/issues/6134

Author: Matt Venables
Status: Assigned
Priority: Normal
Assignee: Martin Bosslet
Category: ext
Target version: 1.9.3
ruby -v: ruby 1.9.3p125 (2012-02-16 revision 34643) [x86_64-darwin11.3.0]


Reproducing steps: 
Run the following script in 1.9.3-p125 (it is attached to the issue as well)

require 'openssl'
contents = File.read(__FILE__)
begin
  OpenSSL::PKCS7.new(contents)
  puts "OK"
rescue => e
  puts "Error!"
  puts e
end


Expected Result:
Ruby should not crash,  the exception should be caught, and the script should output: 
"Error!" followed by the exception ("Could not parse the PKCS7: ...")

Actual Result:
The script outputs "Error!" followed by the exception, and ruby segfaults. (Crash report attached).
The script occasionally operates as expected, but running it 3 or 4 times will always yield the segmentation fault.

This only happens in 1.9.3 (1.9.2 is working fine).

Tested on:
1.9.3-p0 (ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-darwin11.3.0])
1.9.3-p125 (ruby 1.9.3p125 (2012-02-16 revision 34643) [x86_64-darwin11.3.0])
1.9.3-head (ruby 1.9.3p163 (2012-03-06 revision 34932) [x86_64-darwin11.3.0])


-- 
http://bugs.ruby-lang.org/