Kaydet (Commit) 365ad2ea authored tarafından Zackery Spytz's avatar Zackery Spytz Kaydeden (comit) Miss Islington (bot)

bpo-34824: Fix a possible NULL pointer dereference in _ssl.c (GH-9606)



On failure, _PyBytes_Resize() will deallocate the bytes object and set
"result" to NULL.


https://bugs.python.org/issue34824
üst 683281f5
Fix a possible null pointer dereference in Modules/_ssl.c. Patch by Zackery
Spytz.
......@@ -4710,12 +4710,17 @@ _ssl_MemoryBIO_read_impl(PySSLMemoryBIO *self, int len)
return result;
nbytes = BIO_read(self->bio, PyBytes_AS_STRING(result), len);
/* There should never be any short reads but check anyway. */
if ((nbytes < len) && (_PyBytes_Resize(&result, len) < 0)) {
if (nbytes < 0) {
Py_DECREF(result);
_setSSLError(NULL, 0, __FILE__, __LINE__);
return NULL;
}
/* There should never be any short reads but check anyway. */
if (nbytes < len) {
_PyBytes_Resize(&result, nbytes);
}
return result;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment