cpython: 715fd3d8ac93 (original) (raw)
Mercurial > cpython
changeset 88454:715fd3d8ac93 3.1
complain when nbytes > buflen to fix possible buffer overflow (closes #20246) [#20246]
| Benjamin Peterson benjamin@python.org | |
|---|---|
| date | Mon, 13 Jan 2014 23:06:14 -0500 |
| parents | b1ddcb220a7f(current diff)87673659d8f7(diff) |
| children | d4b9692ac75f |
| files | Lib/test/test_socket.py Misc/ACKS Misc/NEWS Modules/socketmodule.c |
| diffstat | 4 files changed, 17 insertions(+), 0 deletions(-)[+] [-] Lib/test/test_socket.py 8 Misc/ACKS 1 Misc/NEWS 2 Modules/socketmodule.c 6 |
line wrap: on
line diff
--- a/Lib/test/test_socket.py +++ b/Lib/test/test_socket.py @@ -1424,6 +1424,14 @@ class BufferIOTest(SocketConnectedTest): buf = bytes(MSG) self.serv_conn.send(buf)
- def testRecvFromIntoSmallBuffer(self):
# See issue #20246.[](#l1.8)buf = bytearray(8)[](#l1.9)self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024)[](#l1.10)
+ TIPC_STYPE = 2000 TIPC_LOWER = 200
--- a/Misc/ACKS +++ b/Misc/ACKS @@ -757,6 +757,7 @@ Kragen Sitaker Eric V. Smith Christopher Smith Gregory P. Smith +Ryan Smith-Roberts Rafal Smotrzyk Dirk Soede Paul Sokolovsky
--- a/Misc/NEWS +++ b/Misc/NEWS @@ -13,6 +13,8 @@ Core and Builtins Library ------- +- Issue #20246: Fix buffer overflow in socket.recvfrom_into. +
- Issue #19435: Fix directory traversal attack on CGIHttpRequestHandler.
- Issue #14984: On POSIX systems, when netrc is called without a filename
--- a/Modules/socketmodule.c +++ b/Modules/socketmodule.c @@ -2494,6 +2494,12 @@ sock_recvfrom_into(PySocketSockObject s if (recvlen == 0) { / If nbytes was not specified, use the buffer's length */ recvlen = buflen;