From a12cf6996ba521be61084887469cba797e3ec679 Mon Sep 17 00:00:00 2001 From: Alexander Polcyn Date: Wed, 29 Jul 2020 14:24:05 -0700 Subject: [PATCH] Fix ruby segfault on nil optional creds params --- src/ruby/ext/grpc/rb_channel_credentials.c | 9 +++++++++ src/ruby/spec/channel_credentials_spec.rb | 10 ++++++++++ 2 files changed, 19 insertions(+) diff --git a/src/ruby/ext/grpc/rb_channel_credentials.c b/src/ruby/ext/grpc/rb_channel_credentials.c index 970bc4eeb11..60f1605f2c1 100644 --- a/src/ruby/ext/grpc/rb_channel_credentials.c +++ b/src/ruby/ext/grpc/rb_channel_credentials.c @@ -165,6 +165,15 @@ static VALUE grpc_rb_channel_credentials_init(int argc, VALUE* argv, if (pem_private_key == Qnil && pem_cert_chain == Qnil) { creds = grpc_ssl_credentials_create(pem_root_certs_cstr, NULL, NULL, NULL); } else { + if (pem_private_key == Qnil) { + rb_raise( + rb_eRuntimeError, + "could not create a credentials because pem_private_key is NULL"); + } + if (pem_cert_chain == Qnil) { + rb_raise(rb_eRuntimeError, + "could not create a credentials because pem_cert_chain is NULL"); + } key_cert_pair.private_key = RSTRING_PTR(pem_private_key); key_cert_pair.cert_chain = RSTRING_PTR(pem_cert_chain); creds = grpc_ssl_credentials_create(pem_root_certs_cstr, &key_cert_pair, diff --git a/src/ruby/spec/channel_credentials_spec.rb b/src/ruby/spec/channel_credentials_spec.rb index b05e5aebf89..b7453d051a7 100644 --- a/src/ruby/spec/channel_credentials_spec.rb +++ b/src/ruby/spec/channel_credentials_spec.rb @@ -50,6 +50,16 @@ describe GRPC::Core::ChannelCredentials do blk = proc { ChannelCredentials.new(nil) } expect(&blk).not_to raise_error end + + it 'fails gracefully with constructed with a nil private key' do + blk = proc { GRPC::Core::ChannelCredentials.new(nil, nil, '') } + expect(&blk).to raise_error + end + + it 'fails gracefully with constructed with a nil cert chain' do + blk = proc { GRPC::Core::ChannelCredentials.new(nil, '', nil) } + expect(&blk).to raise_error + end end describe '#compose' do