mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-07-19 17:25:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Issue #18135: ssl.SSLSocket.write() now raises an OverflowError if the input

Browse source 
string in longer than 2 gigabytes, and ssl.SSLContext.load_cert_chain() raises
a ValueError if the password is longer than 2 gigabytes. The ssl module does
not support partial write.
This commit is contained in:
Victor Stinner 2013-06-25 00:42:31 +02:00
parent 51cee7d24a
commit 6efa965a27
2 changed files with 11 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

9
Modules/_ssl.c
View file

@ -1264,6 +1264,12 @@ static PyObject *PySSL_SSLwrite(PySSLSocket *self, PyObject *args)
return NULL;
}
if (buf.len > INT_MAX) {
PyErr_Format(PyExc_OverflowError,
"string longer than %d bytes", INT_MAX);
goto error;
}
/* just in case the blocking state of the socket has been changed */
nonblocking = (sock->sock_timeout >= 0.0);
BIO_set_nbio(SSL_get_rbio(self->ssl), nonblocking);
@ -1284,9 +1290,8 @@ static PyObject *PySSL_SSLwrite(PySSLSocket *self, PyObject *args)
goto error;
}
do {
len = (int)Py_MIN(buf.len, INT_MAX);
PySSL_BEGIN_ALLOW_THREADS
len = SSL_write(self->ssl, buf.buf, len);
len = SSL_write(self->ssl, buf.buf, (int)buf.len);
err = SSL_get_error(self->ssl, len);
PySSL_END_ALLOW_THREADS
if (PyErr_CheckSignals()) {