From: k@... Date: 2016-08-06T11:38:15+00:00 Subject: [ruby-core:76752] [Ruby trunk Bug#12660] [PATCH] openssl: avoid undefined behavior on empty SSL_write Issue #12660 has been updated by Kazuki Yamaguchi. Thanks! Looks fine to me. Please commit. ---------------------------------------- Bug #12660: [PATCH] openssl: avoid undefined behavior on empty SSL_write https://bugs.ruby-lang.org/issues/12660#change-59969 * Author: Eric Wong * Status: Open * Priority: Normal * Assignee: Kazuki Yamaguchi * ruby -v: * Backport: 2.1: REQUIRED, 2.2: REQUIRED, 2.3: REQUIRED ---------------------------------------- SSL_write(3ssl) manpage has this in the WARNINGS section: When calling SSL_write() with num=0 bytes to be sent the behaviour is undefined. And indeed, the new test case demonstrates failures when empty strings are used. So, match the behavior of IO#write, IO#write_nonblock, and IO#syswrite by returning zero, as the OpenSSL::SSL::SSLSocket API already closely mimics the IO one. * ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior * test/openssl/test_pair.rb (test_write_zero): new test Comments? Will commit in a week or so if no response. ---Files-------------------------------- 0001-openssl-avoid-undefined-behavior-on-empty-SSL_write.patch (2.17 KB) -- https://bugs.ruby-lang.org/ Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe> <http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>