diff options
| author | Martin Panter <vadmium+py@gmail.com> | 2016-03-27 05:35:19 (GMT) |
|---|---|---|
| committer | Martin Panter <vadmium+py@gmail.com> | 2016-03-27 05:35:19 (GMT) |
| commit | 5503d4731e822e90eea387efa37934d2df41c784 (patch) | |
| tree | de55bcb02b77072ad1e4c8c78029d177652f8485 | |
| parent | 13f0c6166ff41c0971755dcb0ab7f8205f0b32a1 (diff) | |
| download | cpython-5503d4731e822e90eea387efa37934d2df41c784.zip cpython-5503d4731e822e90eea387efa37934d2df41c784.tar.gz cpython-5503d4731e822e90eea387efa37934d2df41c784.tar.bz2 | |
Issue #26644: Raise ValueError for negative SSLSocket.recv() and read()
| -rw-r--r-- | Lib/test/test_ssl.py | 11 | ||||
| -rw-r--r-- | Misc/NEWS | 3 | ||||
| -rw-r--r-- | Modules/_ssl.c | 5 |
3 files changed, 19 insertions, 0 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 9a48483..8c0dd31 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -2792,6 +2792,13 @@ else: # consume data s.read() + # read(-1, buffer) is supported, even though read(-1) is not + data = b"data" + s.send(data) + buffer = bytearray(len(data)) + self.assertEqual(s.read(-1, buffer), len(data)) + self.assertEqual(buffer, data) + # Make sure sendmsg et al are disallowed to avoid # inadvertent disclosure of data and/or corruption # of the encrypted data stream @@ -2801,6 +2808,10 @@ else: s.recvmsg_into, bytearray(100)) s.write(b"over\n") + + self.assertRaises(ValueError, s.recv, -1) + self.assertRaises(ValueError, s.read, -1) + s.close() def test_nonblocking_send(self): @@ -94,6 +94,9 @@ Core and Builtins Library ------- +- Issue #26644: Raise ValueError rather than SystemError when a negative + length is passed to SSLSocket.recv() or read(). + - Issue #26616: Fixed a bug in datetime.astimezone() method. - Issue #21925: :func:`warnings.formatwarning` now catches exceptions on diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 3377138..51b5399 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -1895,6 +1895,11 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1, _PyTime_t timeout, deadline = 0; int has_timeout; + if (!group_right_1 && len < 0) { + PyErr_SetString(PyExc_ValueError, "size should not be negative"); + return NULL; + } + if (sock != NULL) { if (((PyObject*)sock) == Py_None) { _setSSLError("Underlying socket connection gone", |