(Merge 3.3) Issue #18135: ssl.SSLSocket.write() now raises an OverflowError if
the input string in longer than 2 gigabytes, and ssl.SSLContext.load_cert_chain() raises a ValueError if the password is longer than 2 gigabytes. The ssl module does not support partial write.
This commit is contained in:
commit
86073dc3c2
|
@ -129,12 +129,14 @@ Core and Builtins
|
|||
Library
|
||||
-------
|
||||
|
||||
|
||||
- Issue #11390: Add -o and -f command line options to the doctest CLI to
|
||||
specify doctest options (and convert it to using argparse).
|
||||
|
||||
- Issue #18135: Fix a possible integer overflow in ssl.SSLSocket.write()
|
||||
and in ssl.SSLContext.load_cert_chain() for strings and passwords longer than
|
||||
2 gigabytes.
|
||||
- Issue #18135: ssl.SSLSocket.write() now raises an OverflowError if the input
|
||||
string in longer than 2 gigabytes, and ssl.SSLContext.load_cert_chain()
|
||||
raises a ValueError if the password is longer than 2 gigabytes. The ssl
|
||||
module does not support partial write.
|
||||
|
||||
- Issue #11016: Add C implementation of the stat module as _stat.
|
||||
|
||||
|
|
|
@ -1338,6 +1338,12 @@ static PyObject *PySSL_SSLwrite(PySSLSocket *self, PyObject *args)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
if (buf.len > INT_MAX) {
|
||||
PyErr_Format(PyExc_OverflowError,
|
||||
"string longer than %d bytes", INT_MAX);
|
||||
goto error;
|
||||
}
|
||||
|
||||
/* just in case the blocking state of the socket has been changed */
|
||||
nonblocking = (sock->sock_timeout >= 0.0);
|
||||
BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
|
||||
|
@ -1358,9 +1364,8 @@ static PyObject *PySSL_SSLwrite(PySSLSocket *self, PyObject *args)
|
|||
goto error;
|
||||
}
|
||||
do {
|
||||
len = (int)Py_MIN(buf.len, INT_MAX);
|
||||
PySSL_BEGIN_ALLOW_THREADS
|
||||
len = SSL_write(self->ssl, buf.buf, len);
|
||||
len = SSL_write(self->ssl, buf.buf, (int)buf.len);
|
||||
err = SSL_get_error(self->ssl, len);
|
||||
PySSL_END_ALLOW_THREADS
|
||||
if (PyErr_CheckSignals()) {
|
||||
|
|
Loading…
Reference in New Issue