classification
Title: fileno argument to socket.socket is not validated
Type: Stage: patch review
Components: Versions: Python 3.8
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: Dima.Tisnek
Priority: normal Keywords: patch

Created on 2018-12-05 08:41 by Dima.Tisnek, last changed 2018-12-05 08:43 by python-dev.

Pull Requests
URL Status Linked Edit
PR 10917 open python-dev, 2018-12-05 08:43
Messages (1)
msg331096 - (view) Author: Dima Tisnek (Dima.Tisnek) * Date: 2018-12-05 08:41
socket.socket gained a fileno= kwarg the value of which is not checked if address family and socket type are both provided.

For example, following is accepted:

>>> socket.socket(socket.AF_INET, socket.SOCK_STREAM, fileno=-1234)
>>> socket.socket(socket.AF_INET, socket.SOCK_STREAM, fileno=1234)
>>> socket.socket(socket.AF_INET, socket.SOCK_STREAM, fileno=0.999)

Resulting in a socket object that will fail at runtime.

One of the implications is that it's possible to "steal" file descriptor, i.e. create a socket for an fd that doesn't exist; then some other function/thread happens to create e.g. socket with this specific fd, which can be "unexpectedly" used (or closed or modified, e.g. non-blocking changed) through the first socket object.

Additionally if the shorthand is used, the exception raised in these cases has odd text, at least it was misleading for me.

>>> socket.socket(fileno=get_wrong_fd_from_somewhere())
[snip]
OSError: [Errno 9] Bad file descriptor: 'family'

I thought that I had a bug whereby a string was passed in instead of an int fd;
Ultimately I had to look in cpython source code to understand what the "family" meant.

I volunteer to submit a patch!
History
Date User Action Args
2018-12-05 08:43:39python-devsetkeywords: + patch
stage: patch review
pull_requests: + pull_request10156
2018-12-05 08:41:12Dima.Tisnekcreate