classification
Title: Bugs in _ssl object read() when a buffer is specified
Type: crash Stage: resolved
Components: Extension Modules Versions: Python 2.7, Python 2.6
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: janssen Nosy List: benjamin.peterson, giampaolo.rodola, janssen, pitrou
Priority: critical Keywords: patch

Created on 2009-01-17 02:36 by pitrou, last changed 2009-10-21 21:11 by pitrou. This issue is now closed.

Files
File name Uploaded Description Edit
ssl-readbuffer.patch pitrou, 2009-01-17 02:36
Messages (7)
msg79996 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2009-01-17 02:36
The read() method on ssl objects can take a buffer as a parameter, but
the method is buggy in this case:

- it only accepts bytearrays, while it should accept any object
supporting the buffer protocol in write mode
- when the object is not a bytearray, it returns NULL without setting
the current exception
- since it doesn't attempt to get a buffer export from the object, there
is no protection and the buffer could be resized while the method
releases the GIL, leading to a likely crash

This patch solves all three issues. Note that I'm not able to write an
unit test for it, because test_ssl.py is too high-level (it looks more
like functional tests than unit tests). Also, the only reason I
discovered this is that it made some tests fail on the io-in-C branch
(which uses readinto() a lot). I'm a complete SSL newbie.
msg82119 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2009-02-14 21:10
Bumping to critical since the io-c branch won't be merged before this is
solved.
msg82927 - (view) Author: Benjamin Peterson (benjamin.peterson) * (Python committer) Date: 2009-02-28 17:24
I'm no ssl expert either, but the patch looks fine to me.
msg82939 - (view) Author: Benjamin Peterson (benjamin.peterson) * (Python committer) Date: 2009-02-28 19:07
Applied the patch to py3k in r70072. Do you have a trunk backport?
msg82943 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2009-02-28 19:33
No, and since I don't how to test it out of running the io-c branch on
test_ssl and test_poplib, I'd recommend not backporting it unless an SSL
expert takes a look.
msg82944 - (view) Author: Benjamin Peterson (benjamin.peterson) * (Python committer) Date: 2009-02-28 19:35
Ok, will leave as is.
msg94325 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2009-10-21 21:11
Ok, there is nothing to backport since the trunk version doesn't handle
bytearrays in the first place!
History
Date User Action Args
2009-10-21 21:11:07pitrousetstatus: open -> closed
resolution: fixed
messages: + msg94325

stage: patch review -> resolved
2009-02-28 19:35:24benjamin.petersonsetmessages: + msg82944
versions: - Python 3.0, Python 3.1
2009-02-28 19:33:38pitrousetmessages: + msg82943
2009-02-28 19:07:41benjamin.petersonsetmessages: + msg82939
2009-02-28 17:24:07benjamin.petersonsetnosy: + benjamin.peterson
messages: + msg82927
2009-02-14 21:10:09pitrousetpriority: normal -> critical
messages: + msg82119
2009-02-14 21:09:33pitroulinkissue4565 dependencies
2009-01-17 14:47:58giampaolo.rodolasetnosy: + giampaolo.rodola
2009-01-17 02:36:51pitroucreate