[New-bugs-announce] [issue4967] Bugs in _ssl object read() when a buffer is specified

Antoine Pitrou report at bugs.python.org
Sat Jan 17 03:36:52 CET 2009

New submission from Antoine Pitrou <pitrou at free.fr>:

The read() method on ssl objects can take a buffer as a parameter, but
the method is buggy in this case:

- it only accepts bytearrays, while it should accept any object
supporting the buffer protocol in write mode
- when the object is not a bytearray, it returns NULL without setting
the current exception
- since it doesn't attempt to get a buffer export from the object, there
is no protection and the buffer could be resized while the method
releases the GIL, leading to a likely crash

This patch solves all three issues. Note that I'm not able to write a
unit test for it, because test_ssl.py is too high-level (it looks more
like functional tests than unit tests). Also, the only reason I
discovered this is that it made some tests fail on the io-in-C branch
(which uses readinto() a lot). I'm a complete SSL newbie.

assignee: janssen
components: Extension Modules
files: ssl-readbuffer.patch
keywords: patch
messages: 79996
nosy: janssen, pitrou
priority: normal
severity: normal
stage: patch review
status: open
title: Bugs in _ssl object read() when a buffer is specified
type: crash
versions: Python 2.6, Python 2.7, Python 3.0, Python 3.1
Added file: http://bugs.python.org/file12772/ssl-readbuffer.patch

Python tracker <report at bugs.python.org>
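
The three points in the report, modelled in pure Python as an added example (not part of the original message or of ssl-readbuffer.patch). The names `read_into`, `while_unlocked` and `demo` are hypothetical, the callback stands in for code that runs while the C method has released the GIL, and the code assumes a current CPython 3.

```python
# Added illustration; read_into, while_unlocked and demo are hypothetical names.
def read_into(target, data, while_unlocked=lambda: None):
    """Copy data into target the way a C readinto() should:
    take a writable buffer export first and hold it until the copy is done."""
    try:
        view = memoryview(target)          # request a buffer export
    except TypeError:
        # Always leave with an exception set, never a bare failure.
        raise TypeError("target does not support the buffer protocol") from None
    with view:
        if view.readonly:
            raise TypeError("target buffer is read-only")
        with view.cast("B") as flat:       # byte view, whatever the item type
            while_unlocked()               # stands in for the GIL-released read
            n = min(len(flat), len(data))
            flat[:n] = data[:n]
            return n


def demo():
    target = bytearray(8)                  # constructed sample buffer
    outcome = []

    def resize():                          # what a concurrent thread might do
        try:
            target.extend(b"\0" * 4096)    # would force a reallocation
            outcome.append("resized")
        except BufferError:
            outcome.append("blocked")      # the held export pins the memory

    n = read_into(target, b"hello", resize)
    target.extend(b"!")                    # export released: resizing works again
    return n, outcome, bytes(target)


if __name__ == "__main__":
    print(demo())
```

Without the export, the resize in the callback would succeed and the copy would write through a pointer to memory the bytearray no longer owns.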
