[pkuzco: expanded the fix for other content types]
[ky: adjusted formatting and the exception type]
07eceb7f63
Co-authored-by: pkuzco <b.naamneh@gmail.com>
Co-authored-by: Kazuki Yamaguchi <k@rhe.jp>
OpenSSL::Cipher#update currently allocates the output buffer with size
(input data length)+(the block size of the cipher). This is insufficient
for the id-aes{128,192,256}-wrap-pad (AES keywrap with padding) ciphers.
They have a block size of 8 bytes, but the output may be up to 15 bytes
larger than the input.
Use (input data length)+EVP_MAX_BLOCK_LENGTH (== 32) as the output
buffer size, instead. OpenSSL doesn't provide a generic way to tell the
maximum required buffer size for ciphers, but this is large enough for
all algorithms implemented in current versions of OpenSSL.
Fixes: https://bugs.ruby-lang.org/issues/202363035559f54
If a single string that is a static literal is interpolated, it
does not impact whether or not the parent is a static literal. In
this way, if you have something like a regular expression that
interpolates a string literal, it's possible that you will end up
pushing just a single regexp onto the stack as opposed to calling
out to toregexp.
4f096c2257
rb_ast_dispose does not free the rb_ast_t causing it to be leaked. This
commit changes it to use rb_ast_free instead.
For example:
require "ripper"
10.times do
100_000.times do
Ripper.sexp("")
end
puts `ps -o rss= -p #{$$}`
end
Before:
27648
32512
37376
42240
47232
52224
57344
62208
67072
71936
After:
22784
22784
22784
22784
22912
22912
22912
22912
22912
22912
(https://github.com/ruby/irb/pull/917)
* Use 'irbtest-' instead if 'irb-' as prefix of test files.
Otherwise IRB would mis-recognize exceptions raised in test files as
exceptions raised in IRB itself.
* Support `IRB.conf[:BACKTRACE_FILTER]``
This config allows users to customize the backtrace of exceptions raised
and displayed in IRB sessions. This is useful for filtering out library
frames from the backtrace.
IRB expects the given value to response to `call` method and return
the filtered backtrace.
6f6e87d769
(https://github.com/ruby/irb/pull/934)
Since commands can't be chained with methods, their return values are
not intended to be used. But if IRB keeps storing command return values
as the last value, and print them, users may rely on such implicit
behaviour.
So to avoid such confusion, this commit suppresses command's
return values. It also updates some commands that currently rely on
this implicit behaviour.
fa96bea76f
RFC 2986, section 4.1 only defines version 1 for CSRs. This version
is encoded as a 0. Starting with OpenSSL 3.3, setting the CSR version
to anything but 1 fails.
Do not attempt to generate a CSR with invalid version (which now fails)
and invalidate the CSR in test_sign_and_verify_rsa_sha1 by changing its
subject rather than using an invalid version.
This commit fixes the following error.
```
2) Error: test_version(OpenSSL::TestX509Request): OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:18:in `version='
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:18:in `issue_csr'
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:43:in
`test_version'
40: req = OpenSSL::X509::Request.new(req.to_der)
41: assert_equal(0, req.version)
42:
=> 43: req = issue_csr(1, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))
44: assert_equal(1, req.version)
45: req = OpenSSL::X509::Request.new(req.to_der)
46: assert_equal(1, req.version)
```
c06fdeb091
as names
(https://github.com/ruby/irb/pull/932)
This will save users some heads scratching when they try to register a
command with a string name and found that it doesn't work.
I also rewrote converted custom command tests into integration tests to
make test setup/cleanup easier.
a91a212dbe
https://bugs.ruby-lang.org/issues/20228 started freeing `stk_base` to
avoid a memory leak. But `stk_base` is sometimes stack allocated (using
`xalloca`), so the free only works if the regex stack has grown enough
to hit `stack_double` (which uses `xmalloc` and `xrealloc`).
To reproduce the problem on master and 3.3.1:
```ruby
Regexp.timeout = 0.001
/^(a*)x$/ =~ "a" * 1000000 + "x"'
```
Some details about this potential fix:
`stk_base == stk_alloc` on
[init](dde99215f2/regexec.c (L1153)),
so if `stk_base != stk_alloc` we can be sure we called
[`stack_double`](dde99215f2/regexec.c (L1210))
and it's safe to free. It's also safe to free if we've
[saved](dde99215f2/regexec.c (L1187-L1189))
the stack to `msa->stack_p`, since we do the `stk_base != stk_alloc`
check before saving.
This matches the check we do inside
[`stack_double`](dde99215f2/regexec.c (L1221))
