Commit 1e81a399 authored by Victor Stinner's avatar Victor Stinner

Issue #20025: ssl.RAND_bytes() and ssl.RAND_pseudo_bytes() now raise a

ValueError if num is negative (instead of raising a SystemError).
parent cb1f74ec
...@@ -126,6 +126,10 @@ class BasicSocketTests(unittest.TestCase): ...@@ -126,6 +126,10 @@ class BasicSocketTests(unittest.TestCase):
else: else:
self.assertRaises(ssl.SSLError, ssl.RAND_bytes, 16) self.assertRaises(ssl.SSLError, ssl.RAND_bytes, 16)
# negative num is invalid
self.assertRaises(ValueError, ssl.RAND_bytes, -5)
self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5)
self.assertRaises(TypeError, ssl.RAND_egd, 1) self.assertRaises(TypeError, ssl.RAND_egd, 1)
self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1) self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
ssl.RAND_add("this is a random string", 75.0) ssl.RAND_add("this is a random string", 75.0)
......
...@@ -2486,6 +2486,11 @@ PySSL_RAND(int len, int pseudo) ...@@ -2486,6 +2486,11 @@ PySSL_RAND(int len, int pseudo)
const char *errstr; const char *errstr;
PyObject *v; PyObject *v;
if (len < 0) {
PyErr_SetString(PyExc_ValueError, "num must be positive");
return NULL;
}
bytes = PyBytes_FromStringAndSize(NULL, len); bytes = PyBytes_FromStringAndSize(NULL, len);
if (bytes == NULL) if (bytes == NULL)
return NULL; return NULL;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment