From: Douglas Bagnall Date: Sun, 4 Aug 2019 12:41:49 +0000 (+1200) Subject: pyglue: generate_random_bytes/str accept positive numbers only X-Git-Tag: talloc-2.4.0~1296 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b7b4d6da5fa81635e71c5e5e84dbdd13e7915b4b;p=thirdparty%2Fsamba.git pyglue: generate_random_bytes/str accept positive numbers only We aren't yet able to generate negative numbers of random bytes. Instead a request for -n bytes is implicitly converted into one for SIZE_MAX - n bytes, which is typically very large. Memory exhaustion seems a likely outcome. With this patch callers will see a ValueError. Signed-off-by: Douglas Bagnall Reviewed-by: Andreas Schneider --- diff --git a/python/pyglue.c b/python/pyglue.c index 5ee2b68b8ad..969b35145de 100644 --- a/python/pyglue.c +++ b/python/pyglue.c @@ -37,9 +37,15 @@ static PyObject *py_generate_random_str(PyObject *self, PyObject *args) int len; PyObject *ret; char *retstr; - if (!PyArg_ParseTuple(args, "i", &len)) + if (!PyArg_ParseTuple(args, "i", &len)) { return NULL; - + } + if (len < 0) { + PyErr_Format(PyExc_ValueError, + "random string length should be positive, not %d", + len); + return NULL; + } retstr = generate_random_str(NULL, len); ret = PyUnicode_FromString(retstr); talloc_free(retstr); @@ -97,9 +103,15 @@ static PyObject *py_generate_random_bytes(PyObject *self, PyObject *args) PyObject *ret; uint8_t *bytes = NULL; - if (!PyArg_ParseTuple(args, "i", &len)) + if (!PyArg_ParseTuple(args, "i", &len)) { return NULL; - + } + if (len < 0) { + PyErr_Format(PyExc_ValueError, + "random bytes length should be positive, not %d", + len); + return NULL; + } bytes = talloc_zero_size(NULL, len); if (bytes == NULL) { PyErr_NoMemory();