diff options
| author | Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> | 2023-01-23 23:27:41 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-23 23:27:41 (GMT) |
| commit | 81266281073f498349d6e98563a6519e2b94a1c4 (patch) | |
| tree | c0b951c1445de727cfc8aaf6be9d95acbf19aebc /Misc/NEWS.d | |
| parent | e24c73e71e952028bc702a741241ff79c23eb30e (diff) | |
| download | cpython-81266281073f498349d6e98563a6519e2b94a1c4.zip cpython-81266281073f498349d6e98563a6519e2b94a1c4.tar.gz cpython-81266281073f498349d6e98563a6519e2b94a1c4.tar.bz2 | |
gh-100795: Don't call freeaddrinfo on failure. (GH-101252)
When getaddrinfo returns an error, the output pointer is in an unknown state
Don't call freeaddrinfo on it. See the issue for discussion and details with
links to reasoning. _Most_ libc getaddrinfo implementations never modify the
output pointer unless they are returning success.
(cherry picked from commit b724ac2fe7fbb5a7a33d639cad8e748f17b325e0)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Co-authored-by: Sergey G. Brester <github@sebres.de>
Co-authored-by: Oleg Iarygin <dralife@yandex.ru>
Diffstat (limited to 'Misc/NEWS.d')
| -rw-r--r-- | Misc/NEWS.d/next/Library/2023-01-21-16-50-22.gh-issue-100795.NPMZf7.rst | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Library/2023-01-21-16-50-22.gh-issue-100795.NPMZf7.rst b/Misc/NEWS.d/next/Library/2023-01-21-16-50-22.gh-issue-100795.NPMZf7.rst new file mode 100644 index 0000000..4cb56ea --- /dev/null +++ b/Misc/NEWS.d/next/Library/2023-01-21-16-50-22.gh-issue-100795.NPMZf7.rst @@ -0,0 +1,3 @@ +Avoid potential unexpected ``freeaddrinfo`` call (double free) in :mod:`socket` +when when a libc ``getaddrinfo()`` implementation leaves garbage in an output +pointer when returning an error. Original patch by Sergey G. Brester. |