bpo-40121: Fixes audit event raised on creating a new socket (GH-19238)

diff --git a/Lib/test/audit-tests.py b/Lib/test/audit-tests.py
index 33f320992bb23f4833712867ea633279cbecc8e9..dda52a5a518f6add37302425f51e300d5d4974f4 100644 (file)
--- a/Lib/test/audit-tests.py
+++ b/Lib/test/audit-tests.py
@@ -327,6 +327,28 @@ def test_winreg():
     CloseKey(kv)
 
 
+def test_socket():
+    import socket
+
+    def hook(event, args):
+        if event.startswith("socket."):
+            print(event, *args)
+
+    sys.addaudithook(hook)
+
+    socket.gethostname()
+
+    # Don't care if this fails, we just want the audit message
+    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+    try:
+        # Don't care if this fails, we just want the audit message
+        sock.bind(('127.0.0.1', 8080))
+    except error:
+        pass
+    finally:
+        sock.close()
+
+
 if __name__ == "__main__":
     from test.libregrtest.setup import suppress_msvcrt_asserts
 

diff --git a/Lib/test/test_audit.py b/Lib/test/test_audit.py
index 73dd5c5b7db30cf5224fda9a490c00382fc59cb7..f405c6923979ca16d85c90b5e01879deac47fecb 100644 (file)
--- a/Lib/test/test_audit.py
+++ b/Lib/test/test_audit.py
@@ -118,6 +118,18 @@ class AuditTest(unittest.TestCase):
         self.assertSequenceEqual(["winreg.EnumKey", " ", f"{expected} 10000"], events[3])
         self.assertSequenceEqual(["winreg.PyHKEY.Detach", " ", expected], events[4])
 
+    def test_socket(self):
+        support.import_module("socket")
+        returncode, events, stderr = self.run_python("test_socket")
+        if returncode:
+            self.fail(stderr)
+
+        if support.verbose:
+            print(*events, sep='\n')
+        self.assertEqual(events[0][0], "socket.gethostname")
+        self.assertEqual(events[1][0], "socket.__new__")
+        self.assertEqual(events[2][0], "socket.bind")
+        self.assertTrue(events[2][2].endswith("('127.0.0.1', 8080)"))
 
 if __name__ == "__main__":
     unittest.main()

diff --git a/Misc/NEWS.d/next/Security/2020-03-30-23-16-25.bpo-40121.p2LIio.rst b/Misc/NEWS.d/next/Security/2020-03-30-23-16-25.bpo-40121.p2LIio.rst
new file mode 100644 (file)
index 0000000..5aac6cd
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2020-03-30-23-16-25.bpo-40121.p2LIio.rst
@@ -0,0 +1 @@
+Fixes audit events raised on creating a new socket.

diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
index 2818ac7f2057068290161356e14bfb3125b05ff5..b5c241e643dfc7a3cbda61cfe59b0908eae10cd2 100644 (file)
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@@ -5099,7 +5099,7 @@ sock_initobj(PyObject *self, PyObject *args, PyObject *kwds)
 
 #ifdef MS_WINDOWS
     /* In this case, we don't use the family, type and proto args */
-    if (fdobj != NULL && fdobj != Py_None)
+    if (fdobj == NULL || fdobj == Py_None)
 #endif
     {
         if (PySys_Audit("socket.__new__", "Oiii",
@@ -5121,8 +5121,9 @@ sock_initobj(PyObject *self, PyObject *args, PyObject *kwds)
             }
             memcpy(&info, PyBytes_AS_STRING(fdobj), sizeof(info));
 
-            if (PySys_Audit("socket()", "iii", info.iAddressFamily,
-                            info.iSocketType, info.iProtocol) < 0) {
+            if (PySys_Audit("socket.__new__", "Oiii", s,
+                            info.iAddressFamily, info.iSocketType,
+                            info.iProtocol) < 0) {
                 return -1;
             }