From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Date: Thu, 1 Feb 2024 01:00:09 +0000 (+0100) Subject: [3.12] gh-109534: fix reference leak when SSL handshake fails (GH-114074) (#114829) X-Git-Tag: v3.12.2~52 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0ee6fbaab6888dc0252c497b13a7ba73f5172931;p=thirdparty%2FPython%2Fcpython.git [3.12] gh-109534: fix reference leak when SSL handshake fails (GH-114074) (#114829) gh-109534: fix reference leak when SSL handshake fails (GH-114074) (cherry picked from commit 80aa7b3688b8fdc85cd53d4113cb5f6ce5500027) Co-authored-by: Jamie Phan --- diff --git a/Lib/asyncio/selector_events.py b/Lib/asyncio/selector_events.py index f895750e3cf9..790711f83409 100644 --- a/Lib/asyncio/selector_events.py +++ b/Lib/asyncio/selector_events.py @@ -235,6 +235,10 @@ class BaseSelectorEventLoop(base_events.BaseEventLoop): await waiter except BaseException: transport.close() + # gh-109534: When an exception is raised by the SSLProtocol object the + # exception set in this future can keep the protocol object alive and + # cause a reference cycle. + waiter = None raise # It's now up to the protocol to handle the connection. diff --git a/Lib/asyncio/sslproto.py b/Lib/asyncio/sslproto.py index 4d2cf8224ae4..e51669a2ab2a 100644 --- a/Lib/asyncio/sslproto.py +++ b/Lib/asyncio/sslproto.py @@ -579,6 +579,7 @@ class SSLProtocol(protocols.BufferedProtocol): peercert = sslobj.getpeercert() except Exception as exc: + handshake_exc = None self._set_state(SSLProtocolState.UNWRAPPED) if isinstance(exc, ssl.CertificateError): msg = 'SSL handshake failed on verifying the certificate' diff --git a/Misc/NEWS.d/next/Library/2024-01-15-18-42-44.gh-issue-109534.wYaLMZ.rst b/Misc/NEWS.d/next/Library/2024-01-15-18-42-44.gh-issue-109534.wYaLMZ.rst new file mode 100644 index 000000000000..fc9a765a2300 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2024-01-15-18-42-44.gh-issue-109534.wYaLMZ.rst @@ -0,0 +1,3 @@ +Fix a reference leak in +:class:`asyncio.selector_events.BaseSelectorEventLoop` when SSL handshakes +fail. Patch contributed by Jamie Phan.