From 5503d4731e822e90eea387efa37934d2df41c784 Mon Sep 17 00:00:00 2001 From: Martin Panter Date: Sun, 27 Mar 2016 05:35:19 +0000 Subject: Issue #26644: Raise ValueError for negative SSLSocket.recv() and read() --- Lib/test/test_ssl.py | 11 +++++++++++ Misc/NEWS | 3 +++ Modules/_ssl.c | 5 +++++ 3 files changed, 19 insertions(+) diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 9a48483..8c0dd31 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -2792,6 +2792,13 @@ else: # consume data s.read() + # read(-1, buffer) is supported, even though read(-1) is not + data = b"data" + s.send(data) + buffer = bytearray(len(data)) + self.assertEqual(s.read(-1, buffer), len(data)) + self.assertEqual(buffer, data) + # Make sure sendmsg et al are disallowed to avoid # inadvertent disclosure of data and/or corruption # of the encrypted data stream @@ -2801,6 +2808,10 @@ else: s.recvmsg_into, bytearray(100)) s.write(b"over\n") + + self.assertRaises(ValueError, s.recv, -1) + self.assertRaises(ValueError, s.read, -1) + s.close() def test_nonblocking_send(self): diff --git a/Misc/NEWS b/Misc/NEWS index 1127e37..acbaaf7 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -94,6 +94,9 @@ Core and Builtins Library ------- +- Issue #26644: Raise ValueError rather than SystemError when a negative + length is passed to SSLSocket.recv() or read(). + - Issue #26616: Fixed a bug in datetime.astimezone() method. - Issue #21925: :func:`warnings.formatwarning` now catches exceptions on diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 3377138..51b5399 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -1895,6 +1895,11 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1, _PyTime_t timeout, deadline = 0; int has_timeout; + if (!group_right_1 && len < 0) { + PyErr_SetString(PyExc_ValueError, "size should not be negative"); + return NULL; + } + if (sock != NULL) { if (((PyObject*)sock) == Py_None) { _setSSLError("Underlying socket connection gone", -- cgit v0.12