Bug 785852 - include ruby patch to resolve buffer overflow
Summary: include ruby patch to resolve buffer overflow
Keywords:
Status: CLOSED WORKSFORME
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ruby
Version: 5.7
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: rc
Target Release: ---
Assignee: Vít Ondruch
QA Contact: BaseOS QE - Apps
URL:
Whiteboard:
Depends On:
Blocks: 773704 834381
Reported: 2012-01-30 19:03 UTC by Rob Millner
Modified: 2013-11-18 00:38 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-06-13 18:18:30 UTC
Target Upstream Version:
Embargoed:


Attachments
Output from gem install (8.77 KB, text/plain), 2012-01-30 19:03 UTC, Rob Millner
Ruby commit 65e137a (1.26 KB, patch), 2012-01-30 19:06 UTC, Rob Millner

Description Rob Millner 2012-01-30 19:03:05 UTC
Created attachment 558423
Output from gem install

Description of problem:
Installing the OpenShift tools with gem causes ruby to abort on a buffer overflow.  The problem has been resolved by ruby commit 65e137a which can be applied to the version of ruby that ships in RHEL 5.

https://github.com/ruby/ruby/commit/65e137a74c1a6c1dddac44ca6f9d569828fb38d8#ext/syck/rubyext.c

Version-Release number of selected component (if applicable):
RHEL 5.7, ruby-1.8.5-19.el5_6.1

Gem (from EPEL) exposes the problem: rubygems-1.3.1-1.el5


How reproducible:
Always.


Steps to Reproduce:
1. On RHEL 5.7, install ruby, EPEL and rubygems from EPEL.
2. "gem install rhc"
  
Actual results:

[root@ip-10-204-97-214 ~]# gem install rhc
*** buffer overflow detected ***: /usr/bin/ruby terminated
======= Backtrace: =========
/lib/i686/nosegneg/libc.so.6(__chk_fail+0x41)[0x9e4fb1]
/usr/lib/ruby/1.8/i386-linux/syck.so(rb_syck_mktime+0x501)[0x6df8a1]
/usr/lib/ruby/1.8/i386-linux/syck.so(yaml_org_handler+0x838)[0x6e01b8]
/usr/lib/ruby/1.8/i386-linux/syck.so(syck_defaultresolver_node_import+0x3f)[0x6e051f]
/usr/lib/libruby.so.1.8[0xb82d7a]
/usr/lib/libruby.so.1.8[0xb8a45b]
/usr/lib/libruby.so.1.8[0xb8b178]
/usr/lib/libruby.so.1.8[0xb8b732]

etc...

Expected results:

[root@ip-10-72-222-230 ~]# gem install rhc
Successfully installed json_pure-1.6.5
Successfully installed parseconfig-0.5.2
Successfully installed rhc-0.84.15
3 gems installed
Installing ri documentation for parseconfig-0.5.2...
Installing RDoc documentation for parseconfig-0.5.2...


Additional info:

Also, this isn't specific to the 'rhc' rubygem.  There are other examples of
this behavior as well:

https://github.com/brianmario/yajl-ruby/issues/89
https://github.com/ezmobius/redis-rb/issues/131

Comment 1 Rob Millner 2012-01-30 19:06:37 UTC
Created attachment 558424
Ruby commit 65e137a

The whole patch.  Changelog diff doesn't apply cleanly to ruby-1.8.5-19.el5_6.1 but the code itself does.

Comment 2 Vít Ondruch 2012-03-01 14:08:07 UTC
Thank you for reporting. The patch seems feasible and solves OpenShift issues with installing gems.

Comment 10 RHEL Program Management 2012-06-12 01:06:34 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.

Comment 11 Rob Millner 2012-06-13 18:18:30 UTC
Somewhere along the way we were able to work around this issue.  Closing.  Thanks!

Comment 12 Bill McGonigle 2012-07-11 16:39:22 UTC
Looking at bug 773704, this was worked around for openshift, but all other ruby gems installs are still broken (at least the half dozen I tried).

ruby-1.8.5-24.el5
rubygems-1.3.1-1.el5


# gem install fpm
*** buffer overflow detected ***: /usr/bin/ruby terminated
======= Backtrace: =========
/lib/i686/nosegneg/libc.so.6(__chk_fail+0x41)[0x547ba1]
/usr/lib/ruby/1.8/i386-linux/syck.so(rb_syck_mktime+0x501)[0xd926a1]
/usr/lib/ruby/1.8/i386-linux/syck.so(yaml_org_handler+0x838)[0xd92fb8]
/usr/lib/ruby/1.8/i386-linux/syck.so(syck_defaultresolver_node_import+0x3f)[0xd9331f]
/usr/lib/libruby.so.1.8[0x1b7e2a]
/usr/lib/libruby.so.1.8[0x1bf55b]
/usr/lib/libruby.so.1.8[0x1c0278]
/usr/lib/libruby.so.1.8[0x1c0832]
/usr/lib/libruby.so.1.8(rb_funcall+0x20)[0x1c09c0]
/usr/lib/ruby/1.8/i386-linux/syck.so(rb_syck_load_handler+0x69)[0xd920c9]
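
Added example, not part of the thread or of Ruby's code: one way to check that this backtrace and the one in the original report are the same crash. It parses the glibc frame lines, confirms the abort came from a fortify check (`__chk_fail` as the top frame), and compares module, symbol and offset while ignoring load addresses. The function names are this example's own.

```python
import re

# glibc backtrace frame: module(symbol+0xoffset)[0xaddress]; the parenthesised
# part is missing when the module has no symbol for that address.
FRAME = re.compile(
    r"^(?P<module>/\S+?)(?:\((?P<symbol>\w+)\+0x(?P<offset>[0-9a-f]+)\))?"
    r"\[0x(?P<addr>[0-9a-f]+)\]$"
)

def parse_frames(text):
    """Return (module, symbol, offset) for every backtrace frame in text."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line.strip())
        if m:
            offset = int(m["offset"], 16) if m["offset"] else None
            frames.append((m["module"], m["symbol"], offset))
    return frames

def is_fortify_abort(text):
    """True when glibc's fortify check aborted the process (__chk_fail on top)."""
    frames = parse_frames(text)
    return ("*** buffer overflow detected ***" in text
            and bool(frames) and frames[0][1] == "__chk_fail")

def crash_signature(text, depth=2):
    """Key a crash on its first symbolised non-libc frames, ignoring addresses."""
    # Absolute addresses differ per process and host, so they are left out.
    outside_libc = [f for f in parse_frames(text)
                    if f[1] and "/libc.so" not in f[0]]
    return tuple(outside_libc[:depth])

# Frames copied from the two backtraces on this page (a subset of each).
REPORT = """*** buffer overflow detected ***: /usr/bin/ruby terminated
/lib/i686/nosegneg/libc.so.6(__chk_fail+0x41)[0x9e4fb1]
/usr/lib/ruby/1.8/i386-linux/syck.so(rb_syck_mktime+0x501)[0x6df8a1]
/usr/lib/ruby/1.8/i386-linux/syck.so(yaml_org_handler+0x838)[0x6e01b8]
/usr/lib/libruby.so.1.8[0xb82d7a]
"""
COMMENT_12 = """*** buffer overflow detected ***: /usr/bin/ruby terminated
/lib/i686/nosegneg/libc.so.6(__chk_fail+0x41)[0x547ba1]
/usr/lib/ruby/1.8/i386-linux/syck.so(rb_syck_mktime+0x501)[0xd926a1]
/usr/lib/ruby/1.8/i386-linux/syck.so(yaml_org_handler+0x838)[0xd92fb8]
/usr/lib/libruby.so.1.8[0x1b7e2a]
"""

if __name__ == "__main__":
    print("fortify abort:", is_fortify_abort(REPORT), is_fortify_abort(COMMENT_12))
    print("same crash:", crash_signature(REPORT) == crash_signature(COMMENT_12))
```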

Comment 13 Vít Ondruch 2012-07-12 05:51:54 UTC
(In reply to comment #12)
> Looking at bug 773704, this was worked around for openshift, but all other
> ruby gems installs are still broken (at least the half dozen I tried).

Hi Bill,

The fix is scheduled for next Red Hat Enterprise Linux 5 release. Stay tuned.

Comment 14 Bill McGonigle 2012-07-12 17:48:44 UTC
Thanks, Vít!

Comment 15 Paul Reiber 2013-02-05 23:29:34 UTC
Greetings Vít,

You wrote:
> The fix is scheduled for next Red Hat Enterprise Linux 5 release. Stay tuned.

The problem still appears to exist in ruby-1.8.5-19.el5_6.1.x86_64

Can you confirm if a fix was applied to that version, or if possibly a fix is still in the works for a future version?

Thank you so much!
-Paul

Comment 16 Vít Ondruch 2013-02-06 08:02:42 UTC
(In reply to comment #15)
Hello Paul,

Your version of Ruby is quite old indeed. The most recent version of Ruby available in Red Hat Enterprise Linux 5 is ruby-1.8.5-27.el5.x86_64.rpm covered by this [1] errata. Please update to this version. Thank you.

[1] http://rhn.redhat.com/errata/RHSA-2013-0129.html

