Message 329478 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	izbyshev
Recipients	izbyshev, serhiy.storchaka, vstinner
Date	2018-11-08.15:43:42
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1541691823.13.0.788709270274.issue35191@psf.upfronthosting.co.za>
In-reply-to

Content
UBSAN with -fsanitize=implicit-integer-truncation reported a suspicious case: testSetBlocking_overflow (test.test_socket.NonBlockingTCPTests) ... /scratch2/izbyshev/cpython/Modules/socketmodule.c:2688:33: runtime error: implicit conversion from type 'long' of value 4294967296 (64-bit, signed) to type 'int' changed the value to 0 (32-bit, signed) It turned out that sock_setblocking() converts its (logically boolean) argument to long, but then passes it to internal_setblocking() which accepts int (https://github.com/python/cpython/blob/fd512d76456b65c529a5bc58d8cfe73e4a10de7a/Modules/socketmodule.c#L2688). This results in unexpected truncation on platforms with 64-bit long. testSetBlocking_overflow() which is supposed to check this doesn't work because it only checks socket timeout which is updated correctly. However, the actual state of socket descriptor is changed to the opposite value (non-blocking) in this case.

UBSAN with -fsanitize=implicit-integer-truncation reported a suspicious case:

testSetBlocking_overflow (test.test_socket.NonBlockingTCPTests) ... /scratch2/izbyshev/cpython/Modules/socketmodule.c:2688:33: runtime error: implicit conversion from type 'long' of value 4294967296 (64-bit, signed) to type 'int' changed the value to 0 (32-bit, signed)

It turned out that sock_setblocking() converts its (logically boolean) argument to long, but then passes it to internal_setblocking() which accepts int (https://github.com/python/cpython/blob/fd512d76456b65c529a5bc58d8cfe73e4a10de7a/Modules/socketmodule.c#L2688). This results in unexpected truncation on platforms with 64-bit long.

testSetBlocking_overflow() which is supposed to check this doesn't work because it only checks socket timeout which is updated correctly. However, the actual state of socket descriptor is changed to the opposite value (non-blocking) in this case.

History
Date	User	Action	Args
2018-11-08 15:43:43	izbyshev	set	recipients: + izbyshev, vstinner, serhiy.storchaka
2018-11-08 15:43:43	izbyshev	set	messageid: <1541691823.13.0.788709270274.issue35191@psf.upfronthosting.co.za>
2018-11-08 15:43:43	izbyshev	link	issue35191 messages
2018-11-08 15:43:42	izbyshev	create