From: markus-koller@... Date: 2016-09-22T12:56:31+00:00 Subject: [ruby-core:77352] [Ruby trunk Bug#12783] Segmentation fault when verifying RSA signature Issue #12783 has been reported by Markus Koller. ---------------------------------------- Bug #12783: Segmentation fault when verifying RSA signature https://bugs.ruby-lang.org/issues/12783 * Author: Markus Koller * Status: Open * Priority: Normal * Assignee: Martin Bosslet * ruby -v: ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-linux] * Backport: 2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN ---------------------------------------- I ran into a segfault while using the [json-jwt](https://github.com/nov/json-jwt/) gem, it happens when trying to verify the RSA signature using the OpenSSL library. I've attached a minimal test case which triggers the segfault without going through json-jwt, along with the binary input data. The original non-binary format of the signature/JWT seems to be correct according to the validator at https://jwt.io/. I'm on Debian sid with libssl 1.0.2h-1, and I could reproduce the segfault with several Ruby versions from 2.4.0-preview2 back to 2.1.10 (didn't try earlier ones). I also tried the newer libssl 1.1 (which caused compile errors with Ruby 2.3.1) as well as 1.0.1 (which I gave up on because I couldn't find out how to force Ruby to compile with the older version). Let me know if there's more debugging information I can provide you with. ---Files-------------------------------- segfault.log (13.2 KB) segfault.rb (266 Bytes) signature (256 Bytes) signature_base_string (845 Bytes) -- https://bugs.ruby-lang.org/ Unsubscribe: