diff options
| author | Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> | 2023-01-23 23:27:41 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-23 23:27:41 (GMT) |
| commit | 81266281073f498349d6e98563a6519e2b94a1c4 (patch) | |
| tree | c0b951c1445de727cfc8aaf6be9d95acbf19aebc | |
| parent | e24c73e71e952028bc702a741241ff79c23eb30e (diff) | |
| download | cpython-81266281073f498349d6e98563a6519e2b94a1c4.zip cpython-81266281073f498349d6e98563a6519e2b94a1c4.tar.gz cpython-81266281073f498349d6e98563a6519e2b94a1c4.tar.bz2 | |
gh-100795: Don't call freeaddrinfo on failure. (GH-101252)
When getaddrinfo returns an error, the output pointer is in an unknown state
Don't call freeaddrinfo on it. See the issue for discussion and details with
links to reasoning. _Most_ libc getaddrinfo implementations never modify the
output pointer unless they are returning success.
(cherry picked from commit b724ac2fe7fbb5a7a33d639cad8e748f17b325e0)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Co-authored-by: Sergey G. Brester <github@sebres.de>
Co-authored-by: Oleg Iarygin <dralife@yandex.ru>
| -rw-r--r-- | Misc/NEWS.d/next/Library/2023-01-21-16-50-22.gh-issue-100795.NPMZf7.rst | 3 | ||||
| -rw-r--r-- | Modules/socketmodule.c | 4 |
2 files changed, 7 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Library/2023-01-21-16-50-22.gh-issue-100795.NPMZf7.rst b/Misc/NEWS.d/next/Library/2023-01-21-16-50-22.gh-issue-100795.NPMZf7.rst new file mode 100644 index 0000000..4cb56ea --- /dev/null +++ b/Misc/NEWS.d/next/Library/2023-01-21-16-50-22.gh-issue-100795.NPMZf7.rst @@ -0,0 +1,3 @@ +Avoid potential unexpected ``freeaddrinfo`` call (double free) in :mod:`socket` +when when a libc ``getaddrinfo()`` implementation leaves garbage in an output +pointer when returning an error. Original patch by Sergey G. Brester. diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c index 6a9ac2c..0762a8d 100644 --- a/Modules/socketmodule.c +++ b/Modules/socketmodule.c @@ -1053,6 +1053,7 @@ setipaddr(const char *name, struct sockaddr *addr_ret, size_t addr_ret_size, int subsequent call to getaddrinfo() does not destroy the outcome of the first call. */ if (error) { + res = NULL; // no-op, remind us that it is invalid; gh-100795 set_gaierror(error); return -1; } @@ -1163,6 +1164,7 @@ setipaddr(const char *name, struct sockaddr *addr_ret, size_t addr_ret_size, int #endif Py_END_ALLOW_THREADS if (error) { + res = NULL; // no-op, remind us that it is invalid; gh-100795 set_gaierror(error); return -1; } @@ -6514,6 +6516,7 @@ socket_getaddrinfo(PyObject *self, PyObject *args, PyObject* kwargs) error = getaddrinfo(hptr, pptr, &hints, &res0); Py_END_ALLOW_THREADS if (error) { + res0 = NULL; // gh-100795 set_gaierror(error); goto err; } @@ -6608,6 +6611,7 @@ socket_getnameinfo(PyObject *self, PyObject *args) error = getaddrinfo(hostp, pbuf, &hints, &res); Py_END_ALLOW_THREADS if (error) { + res = NULL; // gh-100795 set_gaierror(error); goto fail; } |