diff options
| author | Victor Stinner <victor.stinner@gmail.com> | 2013-12-19 15:47:04 (GMT) |
|---|---|---|
| committer | Victor Stinner <victor.stinner@gmail.com> | 2013-12-19 15:47:04 (GMT) |
| commit | 1e81a399a25edd23d76601c0c421bdad46b5c19c (patch) | |
| tree | beaedf5a8b1782167295d366361600f3f7603e62 | |
| parent | cb1f74ec405b81dd1319b616829dd576a48603f8 (diff) | |
| download | cpython-1e81a399a25edd23d76601c0c421bdad46b5c19c.zip cpython-1e81a399a25edd23d76601c0c421bdad46b5c19c.tar.gz cpython-1e81a399a25edd23d76601c0c421bdad46b5c19c.tar.bz2 | |
Issue #20025: ssl.RAND_bytes() and ssl.RAND_pseudo_bytes() now raise a
ValueError if num is negative (instead of raising a SystemError).
| -rw-r--r-- | Lib/test/test_ssl.py | 4 | ||||
| -rw-r--r-- | Modules/_ssl.c | 5 |
2 files changed, 9 insertions, 0 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index f235daf..f3b5695 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -126,6 +126,10 @@ class BasicSocketTests(unittest.TestCase): else: self.assertRaises(ssl.SSLError, ssl.RAND_bytes, 16) + # negative num is invalid + self.assertRaises(ValueError, ssl.RAND_bytes, -5) + self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5) + self.assertRaises(TypeError, ssl.RAND_egd, 1) self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1) ssl.RAND_add("this is a random string", 75.0) diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 374d930..4b02d8d 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -2486,6 +2486,11 @@ PySSL_RAND(int len, int pseudo) const char *errstr; PyObject *v; + if (len < 0) { + PyErr_SetString(PyExc_ValueError, "num must be positive"); + return NULL; + } + bytes = PyBytes_FromStringAndSize(NULL, len); if (bytes == NULL) return NULL; |