[Python-checkins] cpython (3.6): Issue #29061: secrets.randbelow() would hang with a negative input

raymond.hettinger python-checkins at python.org
Fri Dec 30 00:55:12 EST 2016 

https://hg.python.org/cpython/rev/0509844f38df
changeset:   105894:0509844f38df
branch:      3.6
parent:      105892:b09d0a2587da
user:        Raymond Hettinger <python at rcn.com>
date:        Thu Dec 29 22:54:25 2016 -0700
summary:
  Issue #29061:  secrets.randbelow() would hang with a negative input

files:
  Lib/secrets.py           |  2 ++
  Lib/test/test_secrets.py |  1 +
  Misc/ACKS                |  1 +
  Misc/NEWS                |  3 +++
  4 files changed, 7 insertions(+), 0 deletions(-)


diff --git a/Lib/secrets.py b/Lib/secrets.py
--- a/Lib/secrets.py
+++ b/Lib/secrets.py
@@ -26,6 +26,8 @@
 
 def randbelow(exclusive_upper_bound):
     """Return a random int in the range [0, n)."""
+    if exclusive_upper_bound <= 0:
+        raise ValueError("Upper bound must be positive.")
     return _sysrand._randbelow(exclusive_upper_bound)
 
 DEFAULT_ENTROPY = 32  # number of bytes to return by default
diff --git a/Lib/test/test_secrets.py b/Lib/test/test_secrets.py
--- a/Lib/test/test_secrets.py
+++ b/Lib/test/test_secrets.py
@@ -70,6 +70,7 @@
         for i in range(2, 10):
             self.assertIn(secrets.randbelow(i), range(i))
         self.assertRaises(ValueError, secrets.randbelow, 0)
+        self.assertRaises(ValueError, secrets.randbelow, -1)
 
 
 class Token_Tests(unittest.TestCase):
diff --git a/Misc/ACKS b/Misc/ACKS
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -369,6 +369,7 @@
 Josip Djolonga
 Walter Dörwald
 Jaromir Dolecek
+Brendan Donegan
 Ismail Donmez
 Robert Donohue
 Marcos Donolo
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -43,6 +43,9 @@
 - Issue #29085: Allow random.Random.seed() to use high quality OS randomness
   rather than the pid and time.
 
+- Issue #29061: Fixed bug in secrets.randbelow() which would hang when given
+  a negative input.  Patch by Brendan Donegan.
+
 - Issue #29079: Prevent infinite loop in pathlib.resolve() on Windows
 
 - Issue #13051: Fixed recursion errors in large or resized

-- 
Repository URL: https://hg.python.org/cpython

More information about the Python-checkins mailing list