Merge #1648: When looking for a free TCP ports, bind only to localhost

fe9ec99 When looking for a free TCP ports, bind only to localhost (Kristaps Kaupe) Pull request description: Not a real security issue, as this is only used in tests, but it's simple to fix and right thing to do. Found by [GitHub CodeQL code scanner](https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql). Top commit has no ACKs. Tree-SHA512: cf2b3267bef2bf9132e4727305ffdb8d1734a1c1bf083c344096c930835df9a625dfd86d3c3dd5c24e3d8e28e4cbbac47d9d95aaee5198198a60d376c7f1b08a
JoinMarket-Org · Feb 1, 2024 · 5c79a83 · 5c79a83
2 parents 658bb00 + fe9ec99
commit 5c79a83
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/jmbase/support.py b/src/jmbase/support.py
@@ -350,7 +350,7 @@ def get_free_tcp_ports(num_ports: int) -> List[int]:
     ports = []
     for i in range(num_ports):
         s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-        s.bind(("", 0))
+        s.bind(("127.0.0.1", 0))
         s.listen(1)
         ports.append(s.getsockname()[1])
         sockets.append(s)