(Merge 3.3) Issue #20025: ssl.RAND_bytes() and ssl.RAND_pseudo_bytes() now

raise a ValueError if num is negative (instead of raising a SystemError).

(Merge 3.3) Issue #20025: ssl.RAND_bytes() and ssl.RAND_pseudo_bytes() now
raise a ValueError if num is negative (instead of raising a SystemError).
36e96b87 · Victor Stinner · c234f185 · 1e81a399 · 36e96b87 · 36e96b87
Kaydet (Commit) 36e96b87 authored Ara 19, 2013 tarafından Victor Stinner
Show whitespace changes
Inline Side-by-side

Showing with 9 additions and 0 deletions

test_ssl.py Lib/test/test_ssl.py +4 -0

_ssl.c Modules/_ssl.c +5 -0

No files found.
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -150,6 +150,10 @@ class BasicSocketTests(unittest.TestCase):
        else:
            self.assertRaises(ssl.SSLError, ssl.RAND_bytes, 16)

+        # negative num is invalid
+        self.assertRaises(ValueError, ssl.RAND_bytes, -5)
+        self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5)
+
        self.assertRaises(TypeError, ssl.RAND_egd, 1)
        self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
        ssl.RAND_add("this is a random string", 75.0)

--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -3244,6 +3244,11 @@ PySSL_RAND(int len, int pseudo)
    const char *errstr;
    PyObject *v;

+    if (len < 0) {
+        PyErr_SetString(PyExc_ValueError, "num must be positive");
+        return NULL;
+    }
+
    bytes = PyBytes_FromStringAndSize(NULL, len);
    if (bytes == NULL)
        return NULL;