[#37708] [Ruby 1.9 - Bug #4956][Open] [PATCH] string.c (tr_s_bang): fix leak with heap strings — Eric Wong <normalperson@...>
5 messages
2011/07/01
[#37807] Re: [Ruby 1.9 - Bug #4956][Open] [PATCH] string.c (tr_s_bang): fix leak with heap strings
— Eric Wong <normalperson@...>
2011/07/05
Eric Wong <normalperson@yhbt.net> wrote:
[#37810] Re: [Ruby 1.9 - Bug #4956][Open] [PATCH] string.c (tr_s_bang): fix leak with heap strings
— Aaron Patterson <aaron@...>
2011/07/05
On Wed, Jul 06, 2011 at 04:46:44AM +0900, Eric Wong wrote:
[#37714] test fail test/matrix/test_matrix.rb:321 — KOSAKI Motohiro <kosaki.motohiro@...>
http://59.106.172.211/~chkbuild/ruby-trunk/log/20110701T110101Z.log.html.gz
6 messages
2011/07/01
[#37716] Re: test fail test/matrix/test_matrix.rb:321
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/07/01
2011/7/1 KOSAKI Motohiro <kosaki.motohiro@gmail.com>:
[#37723] Re: test fail test/matrix/test_matrix.rb:321
— Marc-Andre Lafortune <ruby-core-mailing-list@...>
2011/07/01
Test fixed, thanks (indeed, Matrix#** now implements non integer exponents).
[#37729] Re: test fail test/matrix/test_matrix.rb:321
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/07/02
2011/7/2 Marc-Andre Lafortune <ruby-core-mailing-list@marc-andre.ca>:
[#37724] open-ssl related errors on MacOSX — SASADA Koichi <ko1@...>
Hi,
6 messages
2011/07/01
[#37725] Re: open-ssl related errors on MacOSX
— Martin Bo煬et <martin.bosslet@...>
2011/07/02
2011/7/2 SASADA Koichi <ko1@atdot.net>:
[#37728] Re: open-ssl related errors on MacOSX
— Martin Bo煬et <martin.bosslet@...>
2011/07/02
2011/7/2 Martin Bo煬et <martin.bosslet@googlemail.com>:
[#37730] [Ruby 1.9 - Bug #4962][Open] come back gem_prelude! — Yusuke Endoh <mame@...>
24 messages
2011/07/02
[#37833] [Ruby 1.9 - Bug #4962] come back gem_prelude!
— Eric Hodel <drbrain@...7.net>
2011/07/06
[#37813] Re: [Ruby 1.9 - Bug #4962][Open] come back gem_prelude!
— Aaron Patterson <aaron@...>
2011/07/05
On Sat, Jul 02, 2011 at 02:18:35PM +0900, Yusuke Endoh wrote:
[#37757] [Ruby 1.9 - Bug #4969][Open] Subtle issue with require — Thomas Sawyer <transfire@...>
13 messages
2011/07/03
[#37758] [Ruby 1.9 - Bug #4969] Subtle issue with require
— Thomas Sawyer <transfire@...>
2011/07/03
[#37831] [Ruby 1.9 - Bug #4969] Subtle issue with require
— Thomas Sawyer <transfire@...>
2011/07/06
[#40160] [Ruby 1.9 - Bug #4969] Subtle issue with require
— Thomas Sawyer <transfire@...>
2011/10/15
[#40162] [Ruby 1.9 - Bug #4969] Subtle issue with require
— Thomas Sawyer <transfire@...>
2011/10/15
[#37761] [Ruby 1.9 - Feature #4970][Open] FileUtils refactored — Thomas Sawyer <transfire@...>
10 messages
2011/07/03
[#37805] [Ruby 1.8 - Bug #4979][Open] `require 'foo'` is ambiguous when there is both foo.rb and foo.so — Antonio Terceiro <terceiro@...>
4 messages
2011/07/05
[#37840] [Ruby 1.9 - Feature #4985][Open] Add %S[] support for making a list of symbols — Aaron Patterson <aaron@...>
23 messages
2011/07/07
[#46005] [ruby-trunk - Feature #4985] Add %S[] support for making a list of symbols
— "tenderlovemaking (Aaron Patterson)" <aaron@...>
2012/06/30
[#46091] Re: [ruby-trunk - Feature #4985] Add %S[] support for making a list of symbols
— SASADA Koichi <ko1@...>
2012/07/01
I guessed that %S(...) is S-expr syntax.
[#37853] [Ruby 1.9 - Bug #4989][Open] Document Socket constants — Eric Hodel <drbrain@...7.net>
10 messages
2011/07/07
[#37870] [Ruby 1.9 - Bug #4989] Document Socket constants
— Motohiro KOSAKI <kosaki.motohiro@...>
2011/07/08
[#37877] Re: [Ruby 1.9 - Bug #4989] Document Socket constants
— James Cox <james@...>
2011/07/08
Why change all the statuses to low here? I don't see the validity of
[#37878] Re: [Ruby 1.9 - Bug #4989] Document Socket constants
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/07/08
Hi
[#37893] Re: [Ruby 1.9 - Bug #4989] Document Socket constants
— James Cox <james@...>
2011/07/08
On Fri, Jul 8, 2011 at 08:25, KOSAKI Motohiro <kosaki.motohiro@gmail.com> wrote:
[#37858] [Ruby 1.9 - Bug #4992][Open] finalizer中のThread.newでSEGV — Shota Fukumori <sorah@...>
8 messages
2011/07/08
[#37859] [Ruby 1.9 - Bug #4992] finalizer中のThread.newでSEGV
— Shota Fukumori <sorah@...>
2011/07/08
[#37860] Re: [ruby-core:37859] [Ruby 1.9 - Bug #4992] finalizer中のThread.newでSEGV
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/07/08
> -- Thread.new in finalizer raises SEGV
[#37866] [Backport87 - Feature #4996][Open] About 1.8.7 EOL — Shyouhei Urabe <shyouhei@...>
22 messages
2011/07/08
[#38427] [Backport87 - Feature #4996] About 1.8.7 EOL
— Brian Candler <b.candler@...>
2011/07/23
[#37913] [Ruby 1.9 - Bug #5003][Open] Enumerator#next segfaults in OS X Lion (10.7) — Ganesh Gunasegaran <ganesh.gunas@...>
16 messages
2011/07/09
[#37917] [Ruby 1.9 - Feature #5005][Open] Provide convenient access to original methods — Lazaridis Ilias <ilias@...>
13 messages
2011/07/09
[#37932] [Ruby 1.9 - Feature #5008][Open] Equal rights for Hash (like Array, String, Integer, Float) — Suraj Kurapati <sunaku@...>
31 messages
2011/07/09
[#43310] [ruby-trunk - Feature #5008] Equal rights for Hash (like Array, String, Integer, Float)
— Suraj Kurapati <sunaku@...>
2012/03/15
[#43849] [ruby-trunk - Feature #5008] Equal rights for Hash (like Array, String, Integer, Float)
— "rosenfeld (Rodrigo Rosenfeld Rosas)" <rr.rosas@...>
2012/03/29
[#43855] Re: [ruby-trunk - Feature #5008] Equal rights for Hash (like Array, String, Integer, Float)
— Adam Prescott <adam@...>
2012/03/29
On Thu, Mar 29, 2012 at 13:25, rosenfeld (Rodrigo Rosenfeld Rosas) <
[#37936] [Ruby 1.9 - Feature #5010][Open] Add Slop(-like) in stdlib and deprecate current OptionParser API — Rodrigo Rosenfeld Rosas <rr.rosas@...>
29 messages
2011/07/09
[#37939] Re: [Ruby 1.9 - Feature #5010][Open] Add Slop(-like) in stdlib and deprecate current OptionParser API
— Nobuyoshi Nakada <nobu@...>
2011/07/09
Hi,
[#37940] Re: [Ruby 1.9 - Feature #5010][Open] Add Slop(-like) in stdlib and deprecate current OptionParser API
— Rodrigo Rosenfeld Rosas <rr.rosas@...>
2011/07/09
Em 09-07-2011 20:13, Nobuyoshi Nakada escreveu:
[#49817] [ruby-trunk - Feature #5010] Add Slop(-like) in stdlib and deprecate current OptionParser API
— "rosenfeld (Rodrigo Rosenfeld Rosas)" <rr.rosas@...>
2012/11/21
[#37985] [Ruby 1.9 - Bug #2616] unable to trap in doze — Motohiro KOSAKI <kosaki.motohiro@...>
3 messages
2011/07/11
[#37988] [Ruby 1.9 - Feature #5016][Open] Kernel#caller with negative limit should limit result to N initial frames — Nikolai Weibull <now@...>
6 messages
2011/07/11
[#38011] [Ruby 1.9 - Bug #5018][Open] ruby_1_9_3 branch is missing from official GitHub mirror — Luis Lavena <luislavena@...>
5 messages
2011/07/11
[#38096] [Ruby 1.9 - Feature #5033][Open] PATCH: 1.9: gc_mark_children: Avoid gc_mark() tail recursion, use goto again. — Kurt Stephens <ks.ruby@...>
14 messages
2011/07/16
[#38109] [Ruby 1.9 - Bug #5034][Open] C Source Code formatting — Lazaridis Ilias <ilias@...>
18 messages
2011/07/16
[#38137] [Ruby 1.9 - Bug #5038][Open] Ruby 1.9.2 stops on some Regular Expressions — Bob Ambartsumov <bob@...>
4 messages
2011/07/17
[#38140] [Ruby 1.9 - Feature #5041][Open] Set FD_CLOEXEC for all fds (except 0, 1, 2) — Akira Tanaka <akr@...>
9 messages
2011/07/17
[#38158] Proposal to merge net2-http for Ruby 1.9.4 — Yehuda Katz <wycats@...>
I gave a talk at Ruby Kaigi about my work on Net::HTTP (
10 messages
2011/07/18
[#38179] Re: Proposal to merge net2-http for Ruby 1.9.4
— Tanaka Akira <akr@...>
2011/07/19
2011/7/18 Yehuda Katz <wycats@gmail.com>:
[#38227] Re: Proposal to merge net2-http for Ruby 1.9.4
— Yehuda Katz <wycats@...>
2011/07/20
Yehuda Katz
[#38164] [Ruby 1.9 - Bug #5046][Open] Bug with xmlrpc::client, basic auth and long authentication strings — Herwin Weststrate <herwin@...>
4 messages
2011/07/18
[#38171] [Ruby 1.9 - Bug #5047][Open] Segfault (most likely involving require) — Jack Christensen <jack@...>
21 messages
2011/07/18
[#38375] [Ruby 1.9 - Bug #5047] Segfault (most likely involving require)
— Hiroshi Nakamura <nakahiro@...>
2011/07/22
[#38405] Re: [Ruby 1.9 - Bug #5047] Segfault (most likely involving require)
— Eric Wong <normalperson@...>
2011/07/22
Hiroshi Nakamura <nakahiro@gmail.com> wrote:
[#38406] Re: [Ruby 1.9 - Bug #5047] Segfault (most likely involving require)
— Eric Hodel <drbrain@...7.net>
2011/07/22
On Jul 22, 2011, at 2:41 PM, Eric Wong wrote:
[#38436] [Ruby 1.9 - Bug #5047] Segfault (most likely involving require)
— Hiroshi Nakamura <nakahiro@...>
2011/07/24
[#38465] [Ruby 1.9 - Bug #5047] Segfault (most likely involving require)
— Motohiro KOSAKI <kosaki.motohiro@...>
2011/07/24
[#38495] Re: [Ruby 1.9 - Bug #5047] Segfault (most likely involving require)
— Yusuke ENDOH <mame@...>
2011/07/25
Thank you for the trying the patch.
[#38172] [Backport87 - Backport #5048][Open] Make failed on tk bindings under OSX Lion fresh install — "Wayne E. Seguin" <wayneeseguin@...>
7 messages
2011/07/18
[#38182] [Ruby 1.9 - Feature #5054][Open] Compress a sequence of ends — ANDO Yasushi ANDO <andyjpn@...>
68 messages
2011/07/19
[#38188] [Ruby 1.9 - Feature #5054] Compress a sequence of ends
— Steve Klabnik <steve@...>
2011/07/19
[#38236] [Ruby 1.9 - Feature #5054] Compress a sequence of ends
— Akinori MUSHA <knu@...>
2011/07/20
[#38197] [Ruby 1.9 - Feature #5056][Open] About 1.9 EOL — Shyouhei Urabe <shyouhei@...>
39 messages
2011/07/19
[#38900] [Ruby 1.9 - Feature #5056] About 1.9 EOL
— Shota Fukumori <sorah@...>
2011/08/10
[#38902] Re: [Ruby 1.9 - Feature #5056] About 1.9 EOL
— Yukihiro Matsumoto <matz@...>
2011/08/10
Hi,
[#39048] Re: [Ruby 1.9 - Feature #5056] About 1.9 EOL
— SASADA Koichi <ko1@...>
2011/08/22
Hi,
[#39055] Re: [Ruby 1.9 - Feature #5056] About 1.9 EOL
— Lucas Nussbaum <lucas@...>
2011/08/23
On 23/08/11 at 06:50 +0900, SASADA Koichi wrote:
[#39056] Re: [Ruby 1.9 - Feature #5056] About 1.9 EOL
— "NARUSE, Yui" <naruse@...>
2011/08/23
(2011/08/23 20:09), Lucas Nussbaum wrote:
[#39060] Re: [Ruby 1.9 - Feature #5056] About 1.9 EOL
— Lucas Nussbaum <lucas@...>
2011/08/23
On 23/08/11 at 20:20 +0900, NARUSE, Yui wrote:
[#38271] [Ruby 1.9 - Feature #5056] About 1.9 EOL
— Shyouhei Urabe <shyouhei@...>
2011/07/20
[#38291] [Ruby 1.9 - Feature #5056] About 1.9 EOL
— Motohiro KOSAKI <kosaki.motohiro@...>
2011/07/21
[#38334] Re: [Ruby 1.9 - Feature #5056] About 1.9 EOL
— Benoit Daloze <eregontp@...>
2011/07/21
Hello,
[#38295] [Ruby 1.9 - Feature #5064][Open] HTTP user-agent class — Eric Hodel <drbrain@...7.net>
15 messages
2011/07/21
[#38516] [Ruby 1.9 - Feature #5064] HTTP user-agent class
— Eric Hodel <drbrain@...7.net>
2011/07/26
[#38502] [Ruby 1.9 - Feature #5064] HTTP user-agent class
— Eric Hodel <drbrain@...7.net>
2011/07/25
[#38343] [Ruby 1.9 - Bug #5068][Open] Issue with "duplicated when clause is ignored" — Stefano Mioli <stefano.mioli@...>
7 messages
2011/07/21
[#38367] [Ruby 1.9 - Feature #5072][Open] Avoid inadvertent symbol creation in reflection methods — Jeremy Evans <merch-redmine@...>
6 messages
2011/07/21
[#38391] [Ruby 1.9 - Bug #5076][Open] Mac OS X Lion Support — Yui NARUSE <naruse@...>
17 messages
2011/07/22
[#38451] [Ruby 1.9 - Bug #5090][Open] Segfault using Enumerator — Robert Syme <rob.syme@...>
8 messages
2011/07/24
[#38464] [Ruby 1.9 - Bug #5091][Open] Can't require './.testrb' — Thomas Sawyer <transfire@...>
4 messages
2011/07/24
[#38491] 1.9.3 Status Update? — Joshua Ballanco <jballanc@...>
Hello ruby-core,
1 message
2011/07/25
[#38510] [Ruby 1.9 - Feature #5097][Assigned] Supported platforms of Ruby 1.9.3 — Yui NARUSE <naruse@...>
42 messages
2011/07/26
[#38525] Re: [Ruby 1.9 - Feature #5097][Assigned] Supported platforms of Ruby 1.9.3
— Luis Lavena <luislavena@...>
2011/07/26
On Mon, Jul 25, 2011 at 11:52 PM, Yui NARUSE <naruse@airemix.jp> wrote:
[#38511] Re: [Ruby 1.9 - Feature #5097][Assigned] Supported platforms of Ruby 1.9.3
— Eric Wong <normalperson@...>
2011/07/26
Yui NARUSE <naruse@airemix.jp> wrote:
[#38538] [Ruby 1.9 - Feature #5101][Open] allow optional timeout for TCPSocket.new — Eric Wong <normalperson@...>
15 messages
2011/07/27
[#38580] Re: [Ruby 1.9 - Feature #5101][Open] allow optional timeout for TCPSocket.new
— Tanaka Akira <akr@...>
2011/07/28
2011/7/27 Eric Wong <normalperson@yhbt.net>:
[#38590] Re: [Ruby 1.9 - Feature #5101][Open] allow optional timeout for TCPSocket.new
— Eric Wong <normalperson@...>
2011/07/28
Tanaka Akira <akr@fsij.org> wrote:
[#38598] Re: [Ruby 1.9 - Feature #5101][Open] allow optional timeout for TCPSocket.new
— Tanaka Akira <akr@...>
2011/07/29
2011/7/29 Eric Wong <normalperson@yhbt.net>:
[#38651] Re: [Ruby 1.9 - Feature #5101][Open] allow optional timeout for TCPSocket.new
— Tanaka Akira <akr@...>
2011/08/01
2011/7/30 Tanaka Akira <akr@fsij.org>:
[#38610] [Ruby 1.9 - Feature #5120][Open] String#split needs to be logical — Alexey Muranov <muranov@...>
18 messages
2011/07/30
[ruby-core:38535] [Ruby 1.9 - Bug #4944] crash in FIPS mode after unchecked EVP_DigestInit_ex failure
From:
Martin Bosslet <Martin.Bosslet@...>
Date:
2011-07-26 22:47:40 UTC
List:
ruby-core #38535
Issue #4944 has been updated by Martin Bosslet.
The issue with OS X 10.7 is solved, I had to revert the checks for an int return value of HMAC_Init_ex as OpenSSL versions prior to 1.0.0 did not have that feature yet. As concerns the deprecation of OpenSSL in OS X >= 10.7, that's a different issue. Seems to cause problems elsewhere, too: http://nodejs.debuggable.com/2011-03-05.txt (I like "Go away code we don't like. You can't use it." :)
Still, Jared, could you please confirm that the patch for EVP_Digest_init_ex works for you now?
----------------------------------------
Bug #4944: crash in FIPS mode after unchecked EVP_DigestInit_ex failure
http://redmine.ruby-lang.org/issues/4944
Author: Jared Jennings
Status: Feedback
Priority: High
Assignee: Martin Bosslet
Category: ext
Target version: 1.9.3
ruby -v: ruby 1.9.3dev (2011-06-28 trunk 32273) [i686-linux]
=begin
I've got a host configured to be compliant with ((<U.S. Federal Information Processing Standard 140-2|URL:http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf>)) (FIPS 140-2). On this host, the OpenSSL library refuses to do an MD5 checksum, because the MD5 algorithm is not FIPS Approved. Any attempt to do an MD5 checksum using Ruby's openssl module (OpenSSL::Digest::MD5) presently results in the interpreter quitting with either a SIGSEGV or SIGABRT. This exists both in Ruby 1.8.7 as packaged in Red Hat Enterprise Linux 6.1, and in the nightly snapshot whose (({ruby -v})) you see below.
Here is a script which causes such a crash under FIPS mode:
require 'openssl'
md5 = OpenSSL::Digest::MD5.new
md5 << 'hi'
puts md5.hexdigest
The problem progresses like this: At source:/ext/openssl/ossl_digest.c#L36, GetDigestPtr fetches the MD5 algorithm using EVP_get_digestbyname or EVP_get_digestbyobj; this goes fine. At line 71, line 125 or line 162, we attempt to initialize the digest with EVP_DigestInit_ex. This returns 0 instead of 1, to indicate failure. The return value is presently ignored. (Even the example usage in my man page for EVP_DigestInit_ex doesn't check the return value!) Later on, either a SIGSEGV happens when a null function pointer is called, or some part of OpenSSL says on stderr,
digest.c(149): OpenSSL internal error, assertion failed: Digest init previous FIPS forbidden algorithm error ignored
Then it calls abort(), resulting in a SIGABRT. I haven't teased out exactly what leads to each outcome: both seem bad to me.
If the EVP_DigestInit_ex failure is tested for, the openssl module can throw an exception instead of causing an interpreter crash. The attached patch applies against the snapshot and does this.
Earlier discussion of this issue in the Puppet redmine is at ((<URL:http://projects.puppetlabs.com/issues/8120>)) (see note 2 particularly); a patch against 1.8.7, which is the same except for whitespace, is in the ruby-talk message ((<URL:http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/384989>)).
=end
--
http://redmine.ruby-lang.org