From cbe558bbcc1f20573fd2667f210a44eb83dec241 Mon Sep 17 00:00:00 2001
From: shenyining
Date: Thu, 21 Mar 2019 19:42:01 +0800
Subject: [PATCH] fix CVE-2018-16395

patch url: https://github.com/ruby/ruby/commit/93bc10272734cbbb9197470ca629cc4ea019f6f0 https://hackerone.com/reports/387250 CVE: https://nvd.nist.gov/vuln/detail/CVE-2018-16395 https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/
Signed-off-by: shenyining
---
 ext/openssl/ossl_x509name.c | 2 +-
 test/openssl/test_x509name.rb | 14 ++++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/ext/openssl/ossl_x509name.c b/ext/openssl/ossl_x509name.c
index c900bcb..15e4bb0 100644
--- a/ext/openssl/ossl_x509name.c
+++ b/ext/openssl/ossl_x509name.c
@@ -400,7 +400,7 @@ ossl_x509name_cmp(VALUE self, VALUE other)
 result = ossl_x509name_cmp0(self, other);
 if (result < 0) return INT2FIX(-1);
- if (result > 1) return INT2FIX(1);
+ if (result > 0) return INT2FIX(1);
 return INT2FIX(0);
 }
diff --git a/test/openssl/test_x509name.rb b/test/openssl/test_x509name.rb
index 2d92e64..ae8a8fb 100644
--- a/test/openssl/test_x509name.rb
+++ b/test/openssl/test_x509name.rb
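Review bot: The corrected `> 0` branch still folds every negative value from `ossl_x509name_cmp0` into -1, and in OpenSSL 1.1.0 and later `X509_NAME_cmp()` can return -2 to signal an encoding failure rather than an ordering, so unless `ossl_x509name_cmp0` (not in this hunk) already filters that value an error would be reported to Ruby as "less than". If this tree builds against such an OpenSSL, a guard ahead of the sign checks, `if (result == -2) ossl_raise(eX509NameError, "X509_NAME_cmp");`, would surface it instead. The old `> 1` made a result of exactly 1 fall through to `INT2FIX(0)`, which is what `Comparable#==` turned into a false equality; the fix itself looks correct. `ossl_x509name_cmp` starts above the hunk, so whether a type check on `other` precedes the comparison is not visible here.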
@@ -426,10 +426,24 @@ class OpenSSL::TestX509Name < OpenSSL::TestCase
 name0 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bar.ruby-lang.org"]])
 name1 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bar.ruby-lang.org"]])
 name2 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "baz.ruby-lang.org"]])
+ name3 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bar.ruby-langg.org"]])
+ name4 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bbz.ruby-lang.org"]])
 assert_equal true, name0 == name1
 assert_equal true, name0.eql?(name1)
+ assert_equal true, name1 == name0
+ assert_equal true, name1.eql?(name0)
 assert_equal false, name0 == name2
 assert_equal false, name0.eql?(name2)
+ assert_equal false, name2 == name0
+ assert_equal false, name2.eql?(name0)
+ assert_equal false, name0 == name3
+ assert_equal false, name0.eql?(name3)
+ assert_equal false, name3 == name0
+ assert_equal false, name3.eql?(name0)
+ assert_equal false, name0 == name4
+ assert_equal false, name0.eql?(name4)
+ assert_equal false, name4 == name0
+ assert_equal false, name4.eql?(name0)
 end
 def test_dup
-- 
1.8.3.1
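Review bot: The added assertions only exercise `==` and `eql?`, while the line fixed in ossl_x509name.c is the positive branch of `<=>`; a direct check such as `assert_equal 1, name2 <=> name0` and `assert_equal(-1, name0 <=> name2)` would pin the sign mapping itself rather than only the equality derived from it. name3 and name4 appear to be chosen so the underlying comparison yields exactly 1 in one direction (a one-byte length difference and a one-byte value difference respectively), which is the value the old `> 1` test let through; a short comment recording that intent, e.g. `# name3/name4 differ from name0 by a single byte so the native compare returns exactly +-1`, would keep these cases from being "simplified" away later. The test method these lines belong to starts above the hunk.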