_multiprocessing.Connection() allows to use any positive (or nul)
number has socket handle. If you use an invalid file descriptor,
poll() method may crash (especially for big positive integer).
Example:

>>> import _multiprocessing
>>> obj = _multiprocessing.Connection(44977608)
>>> obj.poll()
Erreur de segmentation (core dumped)

Fix: use fstat() to make sure that the handle is valid. Attached patch
implements this feature.

Another solution would be to reuse code from Modules/selectmodule.c.

Ooops, there is a typo in my last patch: it's "struct stat statbuf;"
and not "struct stat *statbuf;"! Here is a new version of the patch.

From Victor:
Ok, here is a patch for test_multiprocessing.py.

• TestClosedFile.test_open() verify that Connection() rejects closed file
  descriptor
• TestClosedFile.test_operations() verify that Connection() raises IOError
  for
  operations on closed file

I don't know if Connection() is a socket or a pipe. Both should be tested.

I'm quite sure that neither the patch nor the new test make sense on
Windows. A file handle is not a file descriptor!

Without someone offering some windows help, I won't be able to do a patch.
My windows fu is lacking.

Note that Windows does not crash in such cases:

>>> import socket, _multiprocessing
>>> obj = _multiprocessing.Connection(44977608)
>>> obj.poll()
IOError: [Errno 10038] An operation was attempted on something that is
not a socket

>>> s = socket.socket()
>>> obj = _multiprocessing.Connection(s.fileno())
>>> obj.poll()
False
>>> s.close()
>>> obj.poll()
IOError: [Errno 10038] An operation was attempted on something that is
not a socket

So some "#ifndef MS_WINDOWS" should be enough...

I thought socket handle on BeOS is not file descripter neighter. (I'm
not sure BeOS is still supported or not)

Another solution would be to reuse code from Modules/selectmodule.c.

You mean this code?

if (v < 0 || v >= FD_SETSIZE) {
	PyErr_SetString(PyExc_ValueError,
		    "filedescriptor out of range in select()");
	goto finally;
}

Cygwin's thread is somewhat troublesome, so I'm not sure I can test this
issue on cygwin but, (I'm now building python --with-threads) if clash
happens in conn_poll(_multiprocessing/connection.h)'s FD_SET, I think
this kind of check is needed... (At least safer)

I've implemented "another solution". test_open() in
test_multithreading.patch won't pass though.... It'll raise error in
conn.poll() not in constructor.

$ ./dummy.exe b.py
Traceback (most recent call last):
  File "b.py", line 6, in <module>
    conn.poll()
IOError: [Errno 9] Bad file descriptor

test_operations() will pass.

Attached is a patch+test for this condition, which is not used if we're
running on windows.

Curse you hard-tabs. Here's the new patch w/ fixed comment

Removed raise TestSkip per code review from bpeterson

Committed patch as r68768 to python-trunk

@jnoller: Hey, you removed my patch! My patch used fstat() in
Connection constructor, whereas your just check file descriptor bounds
in the poll() method. And what is the "save" new argument? Is it
related to this issue?

The save was needed for the Py_BLOCK_THREADS call.

Ugh, I didn't mean to chuck your original patch, but it also wasn't
correct for win32

Additionally, if you close the handle from underneath it, it behaves
properly:

>>> obj.poll()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
IOError: [Errno 9] Bad file descriptor
>>>

Why don't you check the file descriptor directly in connection_new()?
conn->handle is read only and so can't be changed before the call to
poll(). So other methods will also be "protected" and the error will
be raised earlier.

That's an enhancement - not a bad idea, I just noticed that this issue is
pretty close to issue http://bugs.python.org/issue3311 as well.

jnoller> issue bpo-3311

Oh, I forgot this issue :-) But the fix doesn't solve bpo-3311, because
it is disabled on Windows and only protect poll() method.

Oh, I agree - I think we should update 3311 with the enhancement to move
the check to connection_new