Author pitrou
Recipients janssen, pitrou
Date 2009-01-17.02:36:47
SpamBayes Score 0.017547
Marked as misclassified No
Message-id <1232159812.52.0.781690409094.issue4967@psf.upfronthosting.co.za>
In-reply-to
Content
The read() method on ssl objects can take a buffer as a parameter, but
the method is buggy in this case:

- it only accepts bytearrays, while it should accept any object
supporting the buffer protocol in write mode
- when the object is not a bytearray, it returns NULL without setting
the current exception
- since it doesn't attempt to get a buffer export from the object, there
is no protection and the buffer could be resized while the method
releases the GIL, leading to a likely crash

This patch solves all three issues. Note that I'm not able to write an
unit test for it, because test_ssl.py is too high-level (it looks more
like functional tests than unit tests). Also, the only reason I
discovered this is that it made some tests fail on the io-in-C branch
(which uses readinto() a lot). I'm a complete SSL newbie.
History
Date User Action Args
2009-01-17 02:36:53pitrousetrecipients: + pitrou, janssen
2009-01-17 02:36:52pitrousetmessageid: <1232159812.52.0.781690409094.issue4967@psf.upfronthosting.co.za>
2009-01-17 02:36:50pitroulinkissue4967 messages
2009-01-17 02:36:48pitroucreate