1berry/cpython
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bpo-30594: Fixed refcounting in newPySSLSocket (#1992)

Browse Source 
If pass a server_hostname= that fails IDNA decoding to SSLContext.wrap_socket or SSLContext.wrap_bio, then the SSLContext object had a spurious Py_DECREF called on it, eventually leading to segfaults.
This commit is contained in:
Nathaniel J. Smith 2017-06-07 23:30:43 -07:00 committed by Serhiy Storchaka
parent 0ecdc52514
commit 65ece7ca23
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Modules/_ssl.c
View File

@ -596,6 +596,7 @@ newPySSLSocket(PySSLContext *sslctx, PySocketSockObject *sock,
self->ssl = NULL;
self->Socket = NULL;
self->ctx = sslctx;
Py_INCREF(sslctx);
self->shutdown_seen_zero = 0;
self->owner = NULL;
self->server_hostname = NULL;
@ -609,8 +610,6 @@ newPySSLSocket(PySSLContext *sslctx, PySocketSockObject *sock,
self->server_hostname = hostname;
}
Py_INCREF(sslctx);
/* Make sure the SSL error state is initialized */
(void) ERR_get_state();
ERR_clear_error();