Closes #15793: Stack corruption in ssl.RAND_egd()

62633f3b · Jesus Cea · ece02371 · 62633f3b · 62633f3b · 62633f3b
Commit 62633f3b authored Sep 11, 2012 by Jesus Cea
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 7 deletions

Lib/test/test_ssl.py Lib/test/test_ssl.py +2 -6

Misc/NEWS Misc/NEWS +3 -0

Modules/_ssl.c Modules/_ssl.c +1 -1

No files found.
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -103,12 +103,8 @@ class BasicSocketTests(unittest.TestCase):
            sys.stdout.write("\n RAND_status is %d (%s)\n"
                             % (v, (v and "sufficient randomness") or
                                "insufficient randomness"))
-        try:
-            ssl.RAND_egd(1)
-        except TypeError:
-            pass
-        else:
-            print("didn't raise TypeError")
+        self.assertRaises(TypeError, ssl.RAND_egd, 1)
+        self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
        ssl.RAND_add("this is a random string", 75.0)

    def test_parse_cert(self):

--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -154,6 +154,9 @@ Library

 - Issue #13579: string.Formatter now understands the 'a' conversion specifier.

+- Issue #15793: Stack corruption in ssl.RAND_egd().
+  Patch by Serhiy Storchaka.
+
 - Issue #15595: Fix subprocess.Popen(universal_newlines=True)
  for certain locales (utf-16 and utf-32 family). Patch by Chris Jerdonek.


--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -1917,7 +1917,7 @@ PySSL_RAND_egd(PyObject *self, PyObject *args)
    PyObject *path;
    int bytes;

-    if (!PyArg_ParseTuple(args, "O&|i:RAND_egd",
+    if (!PyArg_ParseTuple(args, "O&:RAND_egd",
                          PyUnicode_FSConverter, &path))
        return NULL;