classification
Title: asyncore doesn't properly handle EINVAL on OSX
Type: security Stage: resolved
Components: Library (Lib) Versions: Python 3.2, Python 3.3, Python 2.7
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: giampaolo.rodola Nosy List: brett.cannon, devin, giampaolo.rodola, ixokai, josiah.carlson, python-dev, r.david.murray
Priority: normal Keywords: buildbot, patch

Created on 2010-11-06 14:56 by giampaolo.rodola, last changed 2013-04-01 13:31 by brett.cannon. This issue is now closed.

Files
File name Uploaded Description Edit
asyncore.patch giampaolo.rodola, 2010-11-06 16:46 review
Messages (16)
msg120620 - (view) Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) Date: 2010-11-06 14:56
http://code.google.com/p/pyftpdlib/issues/detail?id=143
This comes from a user who sent me a report via e-mail. Unfortunately I don't have an OSX box to test against.

Code which should replicate the problem is this:

import socket, struct
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack('ii', 1, 0))
s.connect(('localhost', 21))
s.close()

...while this is a fix I think it should work:

Index: Lib/asyncore.py
===================================================================
--- Lib/asyncore.py	(revisione 86084)
+++ Lib/asyncore.py	(copia locale)
@@ -242,7 +242,7 @@
             try:
                 self.addr = sock.getpeername()
             except socket.error, err:
-                if err.args[0] == ENOTCONN:
+                if err.args[0] in (ENOTCONN, EINVAL):
                     # To handle the case where we got an unconnected
                     # socket.
                     self.connected = False


Nosying ixokai as I know he has an OSX box to test against.
Setting "high" priority and type == "security" as asyncore-based servers are likely to crash because of this.
It might even make sense to backport the fix in Python 2.6 because of the security implications.
msg120636 - (view) Author: Stephen Hansen (ixokai) Date: 2010-11-06 16:17
I can verify the problem exists in asyncore at release27-maint on the mac, and that the below patch fixes it.

After applying, I ran a full regrtest and nothing new broke.
msg120639 - (view) Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) Date: 2010-11-06 16:42
While writing a test case for this I found out another problem in asyncore: handle_connect was erroneously called when the dispatcher delegates the connection to a handler resulting in ENOTCONN being raised.
Patch in attachment targeted for python 2.7 should fix both issues.
msg120640 - (view) Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) Date: 2010-11-06 16:46
Forgot to attach the patch.
msg123893 - (view) Author: R. David Murray (r.david.murray) * (Python committer) Date: 2010-12-13 19:12
"Might even make sense" to backport doesn't sound like a definite, so I've removed 2.6 and 2.5 from versions.  You'll want to ask the release managers for a decision if you want to backport.
msg156567 - (view) Author: Roundup Robot (python-dev) Date: 2012-03-22 15:06
New changeset 8c19c9914c22 by Giampaolo Rodola' in branch '2.7':
fix #10340: properly handle EINVAL on OSX and also avoid to call handle_connect() in case of a disconnetected socket which is not meant to connect.
http://hg.python.org/cpython/rev/8c19c9914c22
msg156570 - (view) Author: Roundup Robot (python-dev) Date: 2012-03-22 15:19
New changeset e2cddb3f4526 by Giampaolo Rodola' in branch '3.2':
fix #10340: properly handle EINVAL on OSX and also avoid to call handle_connect() in case of a disconnetected socket which is not meant to connect.
http://hg.python.org/cpython/rev/e2cddb3f4526

New changeset 6ffdca50a5ef by Giampaolo Rodola' in branch 'default':
merge 79422b3684f1 in 3.3 branch (issue 10340)
http://hg.python.org/cpython/rev/6ffdca50a5ef
msg156572 - (view) Author: Roundup Robot (python-dev) Date: 2012-03-22 15:23
New changeset 8c1fd9276b25 by Giampaolo Rodola' in branch '3.2':
issue 10340 - forgot to update Misc/NEWS
http://hg.python.org/cpython/rev/8c1fd9276b25
msg156573 - (view) Author: Roundup Robot (python-dev) Date: 2012-03-22 15:24
New changeset 13cefcbcc7da by Giampaolo Rodola' in branch 'default':
fix #10340: properly handle EINVAL on OSX and also avoid to call handle_connect() in case of a disconnetected socket which is not meant to connect.
http://hg.python.org/cpython/rev/13cefcbcc7da
msg156586 - (view) Author: R. David Murray (r.david.murray) * (Python committer) Date: 2012-03-22 16:16
This appears to be causing buildbot failures:

http://www.python.org/dev/buildbot/all/builders/x86%20debian%20parallel%203.x/builds/4077

http://www.python.org/dev/buildbot/all/builders/AMD64%20Gentoo%20Wide%203.x/builds/3520
msg156653 - (view) Author: Roundup Robot (python-dev) Date: 2012-03-23 12:30
New changeset e35a5bbb0b91 by Giampaolo Rodola' in branch 'default':
fix failing asyncore test as per http://bugs.python.org/issue10340#msg156586
http://hg.python.org/cpython/rev/e35a5bbb0b91
msg156654 - (view) Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) Date: 2012-03-23 12:31
Sorry about that. It should now be fixed.
msg156657 - (view) Author: R. David Murray (r.david.murray) * (Python committer) Date: 2012-03-23 13:17
Better, but not stable:

http://www.python.org/dev/buildbot/all/builders/AMD64%20OpenIndiana%203.2/builds/984/steps/test/logs/stdio

http://www.python.org/dev/buildbot/all/builders/x86%20OpenIndiana%203.2/builds/998/steps/test/logs/stdio
msg156662 - (view) Author: Giampaolo Rodola' (giampaolo.rodola) * (Python committer) Date: 2012-03-23 14:22
http://hg.python.org/cpython/rev/0b960e41e533
Let's see how it goes.
msg182813 - (view) Author: Devin Cook (devin) Date: 2013-02-23 20:15
This looks resolved. Can it be closed?
msg185739 - (view) Author: Brett Cannon (brett.cannon) * (Python committer) Date: 2013-04-01 13:31
I'm assuming that the buildbots stabilized so I'm going to go ahead and close this.
History
Date User Action Args
2013-04-01 13:31:59brett.cannonsetstatus: open -> closed
nosy: + brett.cannon
messages: + msg185739

2013-02-23 20:15:33devinsetnosy: + devin
messages: + msg182813
2012-03-23 14:22:06giampaolo.rodolasetmessages: + msg156662
2012-03-23 13:17:12r.david.murraysetmessages: + msg156657
2012-03-23 12:31:13giampaolo.rodolasetmessages: + msg156654
2012-03-23 12:30:03python-devsetmessages: + msg156653
2012-03-22 16:16:45r.david.murraysetstatus: closed -> open
keywords: + buildbot
messages: + msg156586
2012-03-22 15:26:28giampaolo.rodolasetstatus: open -> closed
assignee: giampaolo.rodola
stage: patch review -> resolved
resolution: fixed
priority: high -> normal
2012-03-22 15:24:41python-devsetmessages: + msg156573
2012-03-22 15:23:40python-devsetmessages: + msg156572
2012-03-22 15:19:54python-devsetmessages: + msg156570
2012-03-22 15:06:53python-devsetnosy: + python-dev
messages: + msg156567
2011-06-12 21:30:04terry.reedysetversions: + Python 3.3, - Python 3.1
2010-12-13 19:12:18r.david.murraysetnosy: + r.david.murray
messages: + msg123893
2010-12-13 19:10:16r.david.murraysetversions: - Python 2.6, Python 2.5
2010-11-06 16:46:33giampaolo.rodolasetfiles: + asyncore.patch

messages: + msg120640
2010-11-06 16:42:20giampaolo.rodolasetnosy: + josiah.carlson

versions: + Python 2.5
2010-11-06 16:42:05giampaolo.rodolasetmessages: + msg120639
2010-11-06 16:17:35ixokaisetmessages: + msg120636
2010-11-06 14:56:30giampaolo.rodolacreate