[ruby-core:115179] [Ruby master Bug#19974] OpenSSL::PKCS7 generates SegFault when parsing invalid data

Issue #19974 has been reported by dprater (David Prater).

----------------------------------------
Bug #19974: OpenSSL::PKCS7 generates SegFault when parsing invalid data
https://bugs.ruby-lang.org/issues/19974

* Author: dprater (David Prater)
* Status: Open
* Priority: Normal
* ruby -v: ruby 3.1.2p20 (2022-04-12 revision 4491bb740a) [x86_64-linux-musl], ruby 3.1.3p185 (2022-11-24 revision 1a6b16756e) [arm64-darwin21]
* Backport: 3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: UNKNOWN
----------------------------------------

We ran into an instance of attempting to parse invalid PKCS7 certs that consistently causes a segfault in multiple versions of Ruby 3, on multiple platforms (Linux, Mac).

To reproduce:

------- (within pry or irb or whatever ruby shell you prefer) ----------
data = "-----BEGIN PKCS7-----\nMAsGCSqGSIb3DQEHAg==\n-----END PKCS7-----\n"
OpenSSL::PKCS7.new(data).certificates
-----------------

This causes a segfault 100% of the time for me on both an M1 Mac as well as in docker containers running on both Mac as well as Linux hosts.

The issue appears to be attempting to parse empty signedData. https://lapo.it/asn1js/#MAsGCSqGSIb3DQEHAg shows that this data contains the necessary ASN1 sequence to look like a valid PKCS7 certificate. However, the signedData is empty. I assume this is the cause of the issue, but I surely don't know.

I've attached the info from the core dump inside a Linux container running on an M1 Mac.

---Files--------------------------------
core_dump (145 KB)

--
https://bugs.ruby-lang.org/
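Added example, not part of the report or of the ruby/openssl fix: a defensive pre-check in Ruby that decodes the outer PKCS7 ContentInfo with OpenSSL::ASN1 and refuses to hand a signedData object that carries no content to PKCS7#certificates. The ContentInfo layout it checks (SEQUENCE { contentType OID, [0] EXPLICIT content OPTIONAL }), the classification symbols and the helper names are my assumptions; the PEM sample is the one from the report.

```ruby
require 'openssl'

# Sample from the report: a ContentInfo naming signedData with no content element.
EMPTY_SIGNED_DATA_PEM = "-----BEGIN PKCS7-----\nMAsGCSqGSIb3DQEHAg==\n-----END PKCS7-----\n"
SIGNED_DATA_OID = "1.2.840.113549.1.7.2"

# Constructed, structurally minimal ContentInfo with a present [0] content element
# (not a complete SignedData; it only exercises the "content present" branch).
MINIMAL_SIGNED_DATA_DER = OpenSSL::ASN1::Sequence.new([
  OpenSSL::ASN1::ObjectId.new(SIGNED_DATA_OID),
  OpenSSL::ASN1::ASN1Data.new([OpenSSL::ASN1::Sequence.new([])], 0, :CONTEXT_SPECIFIC)
]).to_der

# Extract the DER body of a single PEM PKCS7 block (base64 via String#unpack1, no extra gems).
def pkcs7_pem_to_der(pem)
  body = pem[/-----BEGIN PKCS7-----\s*(.*?)\s*-----END PKCS7-----/m, 1]
  raise ArgumentError, "not a PEM PKCS7 block" unless body
  body.unpack1("m")
end

# Classify the outer ContentInfo before any PKCS7-level parsing:
#   :ok               signedData with a content element present
#   :empty_content    signedData OID but no [0] content (the crashing shape from the report)
#   :not_signed_data  some other contentType
#   :malformed        not a ContentInfo SEQUENCE, or undecodable DER
def classify_pkcs7_der(der)
  ci = OpenSSL::ASN1.decode(der)
  return :malformed unless ci.is_a?(OpenSSL::ASN1::Sequence) && ci.value.is_a?(Array)
  content_type = ci.value.first
  return :malformed unless content_type.is_a?(OpenSSL::ASN1::ObjectId)
  return :not_signed_data unless content_type.oid == SIGNED_DATA_OID
  return :empty_content if ci.value.length < 2
  :ok
rescue OpenSSL::ASN1::ASN1Error
  :malformed
end

# Only call PKCS7#certificates when the outer structure actually carries content;
# returns nil for anything else instead of trusting the native parser with it.
def safe_certificates(pem)
  return nil unless classify_pkcs7_der(pkcs7_pem_to_der(pem)) == :ok
  OpenSSL::PKCS7.new(pem).certificates
rescue ArgumentError, OpenSSL::PKCS7::PKCS7Error
  nil
end
```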

Issue #19974 has been updated by dprater (David Prater).

By the way, looks like this (or at least a very similar) issue was opened in 2012 for Ruby 1.9.3 - https://bugs.ruby-lang.org/issues/6134. The bug was fixed, according to the tracker, but it seems like the issue was either reintroduced at some point, or wasn't completely fixed.

----------------------------------------
Bug #19974: OpenSSL::PKCS7 generates SegFault when parsing invalid data
https://bugs.ruby-lang.org/issues/19974#change-105094

Issue #19974 has been updated by jeremyevans0 (Jeremy Evans).

I submitted a pull request upstream to fix this: https://github.com/ruby/openssl/pull/690

This is a different issue than #6134, which affected `PKCS7.new`, not `PKCS7#certificates`.

----------------------------------------
Bug #19974: OpenSSL::PKCS7 generates SegFault when parsing invalid data
https://bugs.ruby-lang.org/issues/19974#change-105095

Issue #19974 has been updated by dprater (David Prater).

That's great, thanks so much!

----------------------------------------
Bug #19974: OpenSSL::PKCS7 generates SegFault when parsing invalid data
https://bugs.ruby-lang.org/issues/19974#change-105096