From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ruby-core-bounces@ruby-lang.org>
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN: AS4713 221.184.0.0/13
X-Spam-Status: No, score=-2.7 required=3.0 tests=AWL,BAYES_00,
	DKIM_ADSP_CUSTOM_MED,FORGED_GMAIL_RCVD,FREEMAIL_FORGED_FROMDOMAIN,
	FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_PASS shortcircuit=no autolearn=no
	autolearn_force=no version=3.4.2
Received: from neon.ruby-lang.org (neon.ruby-lang.org [221.186.184.75])
	by dcvr.yhbt.net (Postfix) with ESMTP id B9D9C1F731
	for <normalperson@yhbt.net>; Thu,  1 Aug 2019 13:18:44 +0000 (UTC)
Received: from neon.ruby-lang.org (localhost [IPv6:::1])
	by neon.ruby-lang.org (Postfix) with ESMTP id 19A02120DE0;
	Thu,  1 Aug 2019 22:18:35 +0900 (JST)
Received: from o1678916x28.outbound-mail.sendgrid.net
 (o1678916x28.outbound-mail.sendgrid.net [167.89.16.28])
 by neon.ruby-lang.org (Postfix) with ESMTPS id 56647120DDB
 for <ruby-core@ruby-lang.org>; Thu,  1 Aug 2019 22:18:32 +0900 (JST)
Received: by filter0169p3mdw1.sendgrid.net with SMTP id
 filter0169p3mdw1-7038-5D42E6A9-C5
 2019-08-01 13:18:33.897352052 +0000 UTC m=+497104.844680804
Received: from herokuapp.com (unknown [54.226.54.0])
 by ismtpd0024p1iad2.sendgrid.net (SG) with ESMTP id YMceRroCRL6Ajyn3p9lcAQ
 for <ruby-core@ruby-lang.org>; Thu, 01 Aug 2019 13:18:33.713 +0000 (UTC)
Date: Thu, 01 Aug 2019 13:18:33 +0000 (UTC)
From: nagachika00@gmail.com
Message-ID: <redmine.journal-80327.20190801131833.e07a4b54fff9e39b@ruby-lang.org>
References: <redmine.issue-15847.20190513150725@ruby-lang.org>
Mime-Version: 1.0
X-Redmine-MailingListIntegration-Message-Ids: 69601
X-Redmine-Project: ruby-trunk
X-Redmine-Issue-Id: 15847
X-Redmine-Issue-Author: graywolf
X-Redmine-Sender: nagachika
X-Mailer: Redmine
X-Redmine-Host: bugs.ruby-lang.org
X-Redmine-Site: Ruby Issue Tracking System
X-Auto-Response-Suppress: All
Auto-Submitted: auto-generated
X-SG-EID: =?us-ascii?Q?O2wxg26uOO6cft6GjkEp=2FGevTnH9lR=2FEdG60AX3F8=2FCvuHWJ1lCz+7FPZGGg4Y?=
 =?us-ascii?Q?f5feT5O17g+ughpv1q8WYoekY0xyCQF60GL94MO?=
 =?us-ascii?Q?yv=2FwPv1riVDt9cGSbMHBU5YN6Tjl3bA+wu19cEx?=
 =?us-ascii?Q?kBvXFa5gqCDUH+6BDBXw5jXKjqm+2tZuspAxe3K?=
 =?us-ascii?Q?4YLAM3GpQkvcVVu6ihyGPdOx6YSuOPEpUMg=3D=3D?=
To: ruby-core@ruby-lang.org
X-ML-Name: ruby-core
X-Mail-Count: 94094
Subject: [ruby-core:94094] [Ruby master Bug#15847] SecureRandom#gen_random
 becomes private after first invocation
X-BeenThere: ruby-core@ruby-lang.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Ruby developers <ruby-core@ruby-lang.org>
List-Id: Ruby developers <ruby-core.ruby-lang.org>
List-Unsubscribe: <https://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>, 
 <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
List-Post: <mailto:ruby-core@ruby-lang.org>
List-Help: <mailto:ruby-core-request@ruby-lang.org?subject=help>
List-Subscribe: <https://lists.ruby-lang.org/cgi-bin/mailman/listinfo/ruby-core>, 
 <mailto:ruby-core-request@ruby-lang.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ruby-core-bounces@ruby-lang.org
Sender: "ruby-core" <ruby-core-bounces@ruby-lang.org>

Issue #15847 has been updated by nagachika (Tomoyuki Chikanaga).

Backport changed from 2.4: DONTNEED, 2.5: REQUIRED, 2.6: REQUIRED to 2.4: DONTNEED, 2.5: REQUIRED, 2.6: DONE

ruby_2_6 r67723 merged revision(s) 5bab1304af25a843728dbcd2f3594913740aecb0.

----------------------------------------
Bug #15847: SecureRandom#gen_random becomes private after first invocation
https://bugs.ruby-lang.org/issues/15847#change-80327

* Author: graywolf (Gray Wolf)
* Status: Closed
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: ruby 2.5.5p157 (2019-03-15 revision 67260) [x86_64-linux]
* Backport: 2.4: DONTNEED, 2.5: REQUIRED, 2.6: DONE
----------------------------------------
There seems to be an issue with `SecureRandom#gen_random` becoming private after first invocation:

```
+   $ /tmp/my_ruby/bin/ruby -v
ruby 2.7.0dev (2019-05-13 trunk 082bbdc92e) [x86_64-linux]
```

```
$ /tmp/my_ruby/bin/ruby \
	-e 'require "securerandom"' \
	-e 'SecureRandom.gen_random(1)'

$ /tmp/my_ruby/bin/ruby \
	-e 'require "securerandom"' \
	-e 'SecureRandom.gen_random(1)' \
	-e 'SecureRandom.gen_random(1)'
Traceback (most recent call last):
-e:3:in `<main>': private method `gen_random' called for SecureRandom:Module (NoMethodError)
```

This is caused by using alias since 2.5 ruby in secure random class. Both
`.gen_random_openssl` and `.gen_random_urandom` are private class method. Using
the `alias` on them does not remove the private property, so new `.gen_random`
is private as well. Patch fixing the issue:

```
diff --git a/lib/securerandom.rb b/lib/securerandom.rb
index 37835bf7df..2b0f3753b3 100644
--- a/lib/securerandom.rb
+++ b/lib/securerandom.rb
@@ -84,7 +84,8 @@ def gen_random(n)
           @rng_chooser.synchronize do
             class << self
               remove_method :gen_random
-              alias gen_random gen_random_openssl
+              alias_method(:gen_random, :gen_random_openssl)
+              public(:gen_random)
             end
           end
           return gen_random(n)
@@ -93,7 +94,8 @@ class << self
         @rng_chooser.synchronize do
           class << self
             remove_method :gen_random
-            alias gen_random gen_random_urandom
+            alias_method(:gen_random, :gen_random_urandom)
+            public(:gen_random)
           end
         end
         return gen_random(n)
```

This bug is not present in 2.4.6. First noticed on 2.5.5. Examples in this
ticket are from current trunk.




-- 
https://bugs.ruby-lang.org/