Message79996
| Author |
pitrou |
| Recipients |
janssen, pitrou |
| Date |
2009年01月17日.02:36:47 |
| SpamBayes Score |
0.017547023 |
| Marked as misclassified |
No |
| Message-id |
<1232159812.52.0.781690409094.issue4967@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
The read() method on ssl objects can take a buffer as a parameter, but
the method is buggy in this case:
- it only accepts bytearrays, while it should accept any object
supporting the buffer protocol in write mode
- when the object is not a bytearray, it returns NULL without setting
the current exception
- since it doesn't attempt to get a buffer export from the object, there
is no protection and the buffer could be resized while the method
releases the GIL, leading to a likely crash
This patch solves all three issues. Note that I'm not able to write an
unit test for it, because test_ssl.py is too high-level (it looks more
like functional tests than unit tests). Also, the only reason I
discovered this is that it made some tests fail on the io-in-C branch
(which uses readinto() a lot). I'm a complete SSL newbie. |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2009年01月17日 02:36:53 | pitrou | set | recipients:
+ pitrou, janssen |
| 2009年01月17日 02:36:52 | pitrou | set | messageid: <1232159812.52.0.781690409094.issue4967@psf.upfronthosting.co.za> |
| 2009年01月17日 02:36:50 | pitrou | link | issue4967 messages |
| 2009年01月17日 02:36:48 | pitrou | create |
|