diff options
| author | Dima Tisnek <dimaqq@gmail.com> | 2018-12-17 13:07:55 (GMT) |
|---|---|---|
| committer | Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> | 2018-12-17 13:07:55 (GMT) |
| commit | e991270363435da12049ecfe70bb69bd9c14b535 (patch) | |
| tree | 538e8f22e498cee250e54230e304ae11668cfab0 /Modules | |
| parent | 05c1b387f1cad3d3d005bb98ad42b1e31eb9e379 (diff) | |
| download | cpython-e991270363435da12049ecfe70bb69bd9c14b535.zip cpython-e991270363435da12049ecfe70bb69bd9c14b535.tar.gz cpython-e991270363435da12049ecfe70bb69bd9c14b535.tar.bz2 | |
bpo-35415: validate fileno argument to socket.socket (GH-10917)
https://bugs.python.org/issue35415
Diffstat (limited to 'Modules')
| -rw-r--r-- | Modules/socketmodule.c | 49 |
1 files changed, 29 insertions, 20 deletions
diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c index 73d3e1a..66e52f8 100644 --- a/Modules/socketmodule.c +++ b/Modules/socketmodule.c @@ -5018,28 +5018,45 @@ sock_initobj(PyObject *self, PyObject *args, PyObject *kwds) else #endif { + + if (PyFloat_Check(fdobj)) { + PyErr_SetString(PyExc_TypeError, + "integer argument expected, got float"); + return -1; + } + fd = PyLong_AsSocket_t(fdobj); if (fd == (SOCKET_T)(-1) && PyErr_Occurred()) return -1; +#ifdef MS_WINDOWS if (fd == INVALID_SOCKET) { - PyErr_SetString(PyExc_ValueError, - "can't use invalid socket value"); +#else + if (fd < 0) { +#endif + PyErr_SetString(PyExc_ValueError, "negative file descriptor"); return -1; } - if (family == -1) { - sock_addr_t addrbuf; - socklen_t addrlen = sizeof(sock_addr_t); + /* validate that passed file descriptor is valid and a socket. */ + sock_addr_t addrbuf; + socklen_t addrlen = sizeof(sock_addr_t); - memset(&addrbuf, 0, addrlen); - if (getsockname(fd, SAS2SA(&addrbuf), &addrlen) == 0) { + memset(&addrbuf, 0, addrlen); + if (getsockname(fd, SAS2SA(&addrbuf), &addrlen) == 0) { + if (family == -1) { family = SAS2SA(&addrbuf)->sa_family; - } else { + } + } else { #ifdef MS_WINDOWS - PyErr_SetFromWindowsErrWithFilename(0, "family"); + /* getsockname() on an unbound socket is an error on Windows. + Invalid descriptor and not a socket is same error code. + Error out if family must be resolved, or bad descriptor. */ + if (family == -1 || CHECK_ERRNO(ENOTSOCK)) { #else - PyErr_SetFromErrnoWithFilename(PyExc_OSError, "family"); + /* getsockname() is not supported for SOL_ALG on Linux. */ + if (family == -1 || CHECK_ERRNO(EBADF) || CHECK_ERRNO(ENOTSOCK)) { #endif + set_error(); return -1; } } @@ -5052,11 +5069,7 @@ sock_initobj(PyObject *self, PyObject *args, PyObject *kwds) { type = tmp; } else { -#ifdef MS_WINDOWS - PyErr_SetFromWindowsErrWithFilename(0, "type"); -#else - PyErr_SetFromErrnoWithFilename(PyExc_OSError, "type"); -#endif + set_error(); return -1; } } @@ -5072,11 +5085,7 @@ sock_initobj(PyObject *self, PyObject *args, PyObject *kwds) { proto = tmp; } else { -#ifdef MS_WINDOWS - PyErr_SetFromWindowsErrWithFilename(0, "protocol"); -#else - PyErr_SetFromErrnoWithFilename(PyExc_OSError, "protocol"); -#endif + set_error(); return -1; } } |