traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

bpo-41056: Fix a NULL pointer dereference on MemoryError within the ssl module. (GH-21009) 

Detected by Coverity.
(cherry picked from commit eb0d5c38de)

Co-authored-by: Gregory P. Smith <greg@krypto.org>
This commit is contained in:
Miss Islington (bot) 2020-06-21 12:11:29 -07:00 committed by GitHub
parent a4c09560ea
commit 10bf6e4823
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Misc/NEWS.d/next/Library/2020-06-20-18-35-43.bpo-41056.Garcle.rst Normal file
View File

@ -0,0 +1 @@
Fix a NULL pointer dereference within the ssl module during a MemoryError in the keylog callback. (discovered by Coverity)

12
Modules/_ssl/debughelpers.c
View File

@ -125,6 +125,12 @@ _PySSL_keylog_callback(const SSL *ssl, const char *line)
threadstate = PyGILState_Ensure(); threadstate = PyGILState_Ensure();
ssl_obj = (PySSLSocket *)SSL_get_app_data(ssl);
assert(PySSLSocket_Check(ssl_obj));
if (ssl_obj->ctx->keylog_bio == NULL) {
return;
}
/* Allocate a static lock to synchronize writes to keylog file. /* Allocate a static lock to synchronize writes to keylog file.
* The lock is neither released on exit nor on fork(). The lock is * The lock is neither released on exit nor on fork(). The lock is
* also shared between all SSLContexts although contexts may write to * also shared between all SSLContexts although contexts may write to
@ -141,12 +147,6 @@ _PySSL_keylog_callback(const SSL *ssl, const char *line)
} }
} }
ssl_obj = (PySSLSocket *)SSL_get_app_data(ssl);
assert(PySSLSocket_Check(ssl_obj));
if (ssl_obj->ctx->keylog_bio == NULL) {
return;
}
PySSL_BEGIN_ALLOW_THREADS PySSL_BEGIN_ALLOW_THREADS
PyThread_acquire_lock(lock, 1); PyThread_acquire_lock(lock, 1);
res = BIO_printf(ssl_obj->ctx->keylog_bio, "%s\n", line); res = BIO_printf(ssl_obj->ctx->keylog_bio, "%s\n", line);