From: Jamie Phan Date: Thu, 1 Feb 2024 00:42:17 +0000 (+0700) Subject: gh-109534: fix reference leak when SSL handshake fails (#114074) X-Git-Tag: v3.13.0a4~229 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=80aa7b3688b8fdc85cd53d4113cb5f6ce5500027;p=thirdparty%2FPython%2Fcpython.git gh-109534: fix reference leak when SSL handshake fails (#114074) --- diff --git a/Lib/asyncio/selector_events.py b/Lib/asyncio/selector_events.py index dcd5e0aa3450..10fbdd76e93f 100644 --- a/Lib/asyncio/selector_events.py +++ b/Lib/asyncio/selector_events.py @@ -235,6 +235,10 @@ class BaseSelectorEventLoop(base_events.BaseEventLoop): await waiter except BaseException: transport.close() + # gh-109534: When an exception is raised by the SSLProtocol object the + # exception set in this future can keep the protocol object alive and + # cause a reference cycle. + waiter = None raise # It's now up to the protocol to handle the connection. diff --git a/Lib/asyncio/sslproto.py b/Lib/asyncio/sslproto.py index 599e91ba0003..fa99d4533aa0 100644 --- a/Lib/asyncio/sslproto.py +++ b/Lib/asyncio/sslproto.py @@ -579,6 +579,7 @@ class SSLProtocol(protocols.BufferedProtocol): peercert = sslobj.getpeercert() except Exception as exc: + handshake_exc = None self._set_state(SSLProtocolState.UNWRAPPED) if isinstance(exc, ssl.CertificateError): msg = 'SSL handshake failed on verifying the certificate' diff --git a/Misc/NEWS.d/next/Library/2024-01-15-18-42-44.gh-issue-109534.wYaLMZ.rst b/Misc/NEWS.d/next/Library/2024-01-15-18-42-44.gh-issue-109534.wYaLMZ.rst new file mode 100644 index 000000000000..fc9a765a2300 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2024-01-15-18-42-44.gh-issue-109534.wYaLMZ.rst @@ -0,0 +1,3 @@ +Fix a reference leak in +:class:`asyncio.selector_events.BaseSelectorEventLoop` when SSL handshakes +fail. Patch contributed by Jamie Phan.