MERGE: Closes #15793: Stack corruption in ssl.RAND_egd()

b7a28008 · Jesus Cea · 67bd81b8 · c8754a13 · b7a28008 · b7a28008
Commit b7a28008 authored Sep 11, 2012 by Jesus Cea
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 7 deletions

Lib/test/test_ssl.py Lib/test/test_ssl.py +2 -6

Misc/NEWS Misc/NEWS +3 -0

Modules/_ssl.c Modules/_ssl.c +1 -1

No files found.
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -125,12 +125,8 @@ class BasicSocketTests(unittest.TestCase):
        else:
            self.assertRaises(ssl.SSLError, ssl.RAND_bytes, 16)

-        try:
-            ssl.RAND_egd(1)
-        except TypeError:
-            pass
-        else:
-            print("didn't raise TypeError")
+        self.assertRaises(TypeError, ssl.RAND_egd, 1)
+        self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
        ssl.RAND_add("this is a random string", 75.0)

    def test_parse_cert(self):

--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -210,6 +210,9 @@ Library

 - Issue #13579: string.Formatter now understands the 'a' conversion specifier.

+- Issue #15793: Stack corruption in ssl.RAND_egd().
+  Patch by Serhiy Storchaka.
+
 - Issue #15595: Fix subprocess.Popen(universal_newlines=True)
  for certain locales (utf-16 and utf-32 family). Patch by Chris Jerdonek.


--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -2481,7 +2481,7 @@ PySSL_RAND_egd(PyObject *self, PyObject *args)
    PyObject *path;
    int bytes;

-    if (!PyArg_ParseTuple(args, "O&|i:RAND_egd",
+    if (!PyArg_ParseTuple(args, "O&:RAND_egd",
                          PyUnicode_FSConverter, &path))
        return NULL;