Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssl: prevent string buffers from being modified outside #sys{read,write} #453

Merged
merged 3 commits into from
Sep 28, 2021
Merged

ssl: prevent string buffers from being modified outside #sys{read,write} #453

merged 3 commits into from
Sep 28, 2021

Conversation

rhenium
Copy link
Member

@rhenium rhenium commented Sep 1, 2021

ssl: create a temporary frozen string buffer when writing

Since a blocking SSLSocket#syswrite call allows context switches while
waiting for the underlying socket to be ready, we must freeze the string
buffer to prevent other threads from modifying it.

Reference: #452

ssl: temporary lock string buffer while reading

Similarly to SSLSocket#syswrite, the blocking SSLSocket#sysread allows
context switches. We must prevent other threads from modifying the
string buffer.

We can use rb_str_locktmp() and rb_str_unlocktmp() to temporarily
prohibit modification of the string.

@rhenium rhenium mentioned this pull request Sep 1, 2021
Closed
@rhenium rhenium force-pushed the ky/ssl-sysread-syswrite-protect-buffer branch 2 times, most recently from d98cb16 to 1c5cfc7 Compare September 1, 2021 10:55
eregon and others added 3 commits September 27, 2021 00:15
@eregon @rhenium
Use rb_block_call() instead of the deprecated rb_iterate() in OpenSSL
657a473 
[ This is a backport to the 2.1 branch. ]

* See https://bugs.ruby-lang.org/issues/18025
  and ruby/ruby#4629

(cherry picked from commit b8e4852)
@rhenium
ssl: create a temporary frozen string buffer when writing
aea874b 
Since a blocking SSLSocket#syswrite call allows context switches while
waiting for the underlying socket to be ready, we must freeze the string
buffer to prevent other threads from modifying it.

Reference: ruby#452
@rhenium
ssl: temporary lock string buffer while reading
d382749 
Similarly to SSLSocket#syswrite, the blocking SSLSocket#sysread allows
context switches. We must prevent other threads from modifying the
string buffer.

We can use rb_str_locktmp() and rb_str_unlocktmp() to temporarily
prohibit modification of the string.
@rhenium rhenium force-pushed the ky/ssl-sysread-syswrite-protect-buffer branch from 1c5cfc7 to d382749 Compare September 26, 2021 15:15
@ioquatix
Copy link
Member

This seems like the right approach but I think exception handling is insufficient.

@rhenium
Copy link
Member Author

rhenium commented Sep 27, 2021

Could you elaborate?

@ioquatix
Copy link
Member

Do we unlock the string if an exception is raised?

@rhenium
Copy link
Member Author

rhenium commented Sep 27, 2021

Unless I'm missing something, yes. The string should be unlocked in all possible paths before exiting the function.

@rhenium rhenium merged commit a9d7195 into ruby:maint-2.1 Sep 28, 2021
This was referenced Oct 19, 2021
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rhenium @ioquatix @eregon