]> git.ipfire.org Git - thirdparty/Python/cpython.git/commitdiff
projects / thirdparty / Python / cpython.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cb1f74e)
Issue #20025: ssl.RAND_bytes() and ssl.RAND_pseudo_bytes() now raise a
authorVictor Stinner <victor.stinner@gmail.com>
Thu, 19 Dec 2013 15:47:04 +0000 (16:47 +0100)
committerVictor Stinner <victor.stinner@gmail.com>
Thu, 19 Dec 2013 15:47:04 +0000 (16:47 +0100)
ValueError if num is negative (instead of raising a SystemError).

Lib/test/test_ssl.py patch | blob | blame | history
Modules/_ssl.c patch | blob | blame | history

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index f235daf4635af6e08c7ec71ff64c2776108628c7..f3b5695a1cd148c23954cec795a02c89f1c1635f 100644 (file)
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -126,6 +126,10 @@ class BasicSocketTests(unittest.TestCase):
         else:
             self.assertRaises(ssl.SSLError, ssl.RAND_bytes, 16)
 
+        # negative num is invalid
+        self.assertRaises(ValueError, ssl.RAND_bytes, -5)
+        self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5)
+
         self.assertRaises(TypeError, ssl.RAND_egd, 1)
         self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
         ssl.RAND_add("this is a random string", 75.0)
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 374d930166f7cd302a805fecb1cdad2f0565346c..4b02d8d2dddfe0189da60a3375c456957e00a5bb 100644 (file)
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -2486,6 +2486,11 @@ PySSL_RAND(int len, int pseudo)
     const char *errstr;
     PyObject *v;
 
+    if (len < 0) {
+        PyErr_SetString(PyExc_ValueError, "num must be positive");
+        return NULL;
+    }
+
     bytes = PyBytes_FromStringAndSize(NULL, len);
     if (bytes == NULL)
         return NULL;
Mirror of https://github.com/python/cpython.git