bpo-37013: Fix the error handling in socket.if_indextoname() (GH-13503)

* Fix a crash when pass UINT_MAX.
* Fix an integer overflow on 64-bit non-Windows platforms.

diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py
index 86701caf05399eca5b72686c1091d7724a06845f..4eb5af99d6674c2b07b4251432383a365de2dfb5 100644 (file)
--- a/Lib/test/test_socket.py
+++ b/Lib/test/test_socket.py
@@ -1082,7 +1082,20 @@ class GeneralModuleTests(unittest.TestCase):
                          'socket.if_indextoname() not available.')
     def testInvalidInterfaceIndexToName(self):
         self.assertRaises(OSError, socket.if_indextoname, 0)
+        self.assertRaises(OverflowError, socket.if_indextoname, -1)
+        self.assertRaises(OverflowError, socket.if_indextoname, 2**1000)
         self.assertRaises(TypeError, socket.if_indextoname, '_DEADBEEF')
+        if hasattr(socket, 'if_nameindex'):
+            indices = dict(socket.if_nameindex())
+            for index in indices:
+                index2 = index + 2**32
+                if index2 not in indices:
+                    with self.assertRaises((OverflowError, OSError)):
+                        socket.if_indextoname(index2)
+            for index in 2**32-1, 2**64-1:
+                if index not in indices:
+                    with self.assertRaises((OverflowError, OSError)):
+                        socket.if_indextoname(index)
 
     @unittest.skipUnless(hasattr(socket, 'if_nametoindex'),
                          'socket.if_nametoindex() not available.')

diff --git a/Misc/NEWS.d/next/Library/2023-12-01-16-09-59.gh-issue-81194.FFad1c.rst b/Misc/NEWS.d/next/Library/2023-12-01-16-09-59.gh-issue-81194.FFad1c.rst
new file mode 100644 (file)
index 0000000..feb7a86
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2023-12-01-16-09-59.gh-issue-81194.FFad1c.rst
@@ -0,0 +1,3 @@
+Fix a crash in :func:`socket.if_indextoname` with specific value (UINT_MAX).
+Fix an integer overflow in :func:`socket.if_indextoname` on 64-bit
+non-Windows platforms.

diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
index 9ac2001c0132d35fbbe3e13fb56fbe373f94a9ce..0a0e0e78656f76b6ad19ee3cf58cf562a530406e 100644 (file)
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@@ -7071,17 +7071,23 @@ _socket_socket_if_nametoindex_impl(PySocketSockObject *self, PyObject *oname)
 static PyObject *
 socket_if_indextoname(PyObject *self, PyObject *arg)
 {
+    unsigned long index_long = PyLong_AsUnsignedLong(arg);
+    if (index_long == (unsigned long) -1 && PyErr_Occurred()) {
+        return NULL;
+    }
+
 #ifdef MS_WINDOWS
-    NET_IFINDEX index;
+    NET_IFINDEX index = (NET_IFINDEX)index_long;
 #else
-    unsigned long index;
+    unsigned int index = (unsigned int)index_long;
 #endif
-    char name[IF_NAMESIZE + 1];
 
-    index = PyLong_AsUnsignedLong(arg);
-    if (index == (unsigned long) -1)
+    if ((unsigned long)index != index_long) {
+        PyErr_SetString(PyExc_OverflowError, "index is too large");
         return NULL;
+    }
 
+    char name[IF_NAMESIZE + 1];
     if (if_indextoname(index, name) == NULL) {
         PyErr_SetFromErrno(PyExc_OSError);
         return NULL;