/pyopenssl

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Don't use things after they're freed...duh #709

Merged
merged 4 commits into from Nov 20, 2017

Conversation

Reviewers

@reaperhulk reaperhulk

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@alex @reaperhulk
@alex
Member

alex commented Nov 20, 2017

No description provided.

alex added some commits Nov 16, 2017

@alex
Don't use things after they're freed...duh
Loading status checks…
2e194f6
@alex
changelog
Loading status checks…
f4fa8ec
@codecov

This comment has been minimized.

Sign in to view

codecov bot commented Nov 20, 2017
edited

Codecov Report

Merging #709 into master will increase coverage by <.01%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #709      +/-   ##
==========================================
+ Coverage   97.01%   97.02%   +<.01%     
==========================================
  Files          16       16              
  Lines        5631     5647      +16     
  Branches      391      392       +1     
==========================================
+ Hits         5463     5479      +16     
  Misses        112      112              
  Partials       56       56
Impacted Files Coverage Δ
src/OpenSSL/SSL.py 94.87% <100%> (-0.02%) ⬇️
src/OpenSSL/crypto.py 96.86% <100%> (+0.05%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c3697ad...08f0af7. Read the comment docs.
@reaperhulk

reaperhulk reviewed Nov 20, 2017
View changes

CHANGELOG.rst Outdated
- Corrected a use-after-free with some uses of the ``X509`` API.

This comment has been minimized.

Sign in to view
Copy link
@reaperhulk

reaperhulk Nov 20, 2017

Member

Should we add a sentence here to state that referencing a previously obtained issuer/subject after a subsequent set call will now raise an exception?
@alex
more details
Loading status checks…
08f0af7
@reaperhulk

reaperhulk approved these changes Nov 20, 2017
View changes

@reaperhulk reaperhulk merged commit 4aa52c3 into pyca:master Nov 20, 2017
3 checks passed

3 checks passed

codecov/patch 100% of diff hit (target 97.01%)
Details
codecov/project 97.02% (+<.01%) compared to c3697ad
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@alex alex deleted the alex:use-after-free-is-a-crime branch Nov 20, 2017

bors-fusion bot added a commit to fusionapp/fusion-index that referenced this pull request Nov 27, 2017

@bors-fusion[bot]
Merge #169 
169: Scheduled weekly dependency update for week 48 r=mithrandi a=pyup-bot




## Updates
Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.
<table align="center">

<tr>
<td><b>hypothesis</b></td>
<td align="center">3.38.0</td>
<td align="center">&raquo;</td>
<td align="center">3.38.5</td>
<td>
     <a href="https://pypi.python.org/pypi/hypothesis">PyPI</a> | <a href="https://pyup.io/changelogs/hypothesis/">Changelog</a> | <a href="https://github.com/HypothesisWorks/hypothesis/issues">Repo</a> 

</td>

<tr>
<td><b>pyasn1-modules</b></td>
<td align="center">0.1.5</td>
<td align="center">&raquo;</td>
<td align="center">0.2.1</td>
<td>
     <a href="https://pypi.python.org/pypi/pyasn1-modules">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1-modules/">Changelog</a> | <a href="https://github.com/etingof/pyasn1-modules">Repo</a> 

</td>

<tr>
<td><b>pyasn1</b></td>
<td align="center">0.3.7</td>
<td align="center">&raquo;</td>
<td align="center">0.4.2</td>
<td>
     <a href="https://pypi.python.org/pypi/pyasn1">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1/">Changelog</a> | <a href="https://github.com/etingof/pyasn1">Repo</a> 

</td>

<tr>
<td><b>pyopenssl</b></td>
<td align="center">17.3.0</td>
<td align="center">&raquo;</td>
<td align="center">17.4.0</td>
<td>
     <a href="https://pypi.python.org/pypi/pyopenssl">PyPI</a> | <a href="https://pyup.io/changelogs/pyopenssl/">Changelog</a> | <a href="https://pyopenssl.org/">Homepage</a> | <a href="http://pythonhosted.org/pyOpenSSL/">Docs</a> 

</td>

<tr>
<td><b>pyrsistent</b></td>
<td align="center">0.14.0</td>
<td align="center">&raquo;</td>
<td align="center">0.14.1</td>
<td>
     <a href="https://pypi.python.org/pypi/pyrsistent">PyPI</a> | <a href="https://pyup.io/changelogs/pyrsistent/">Changelog</a> | <a href="http://github.com/tobgu/pyrsistent/">Repo</a> 

</td>

</tr>
</table>



## Changelogs


### hypothesis 3.38.0 -> 3.38.5

>### 3.38.5

>-------------------

>This fixes the repr of strategies using lambda that are defined inside
>decorators to include the lambda source.

>This would mostly have been visible when using the
>:ref:`statistics &lt;statistics&gt;` functionality - lambdas used for e.g. filtering
>would have shown up with a ``&lt;unknown&gt;`` as their body. This can still happen,
>but it should happen less often now.

>-------------------


>### 3.38.4

>-------------------

>This release updates the reported :ref:`statistics &lt;statistics&gt;` so that they
>show approximately what fraction of your test run time is spent in data
>generation (as opposed to test execution).

>This work was funded by `Smarkets &lt;https://smarkets.com/&gt;`_.

>-------------------


>### 3.38.3

>-------------------

>This is a documentation release, which ensures code examples are up to date
>by running them as doctests in CI (:issue:`711`).

>-------------------


>### 3.38.2

>-------------------

>This release changes the behaviour of the :attr:`~hypothesis.settings.deadline`
>setting when used with :func:`~hypothesis.strategies.data`: Time spent inside
>calls to ``data.draw`` will no longer be counted towards the deadline time.

>As a side effect of some refactoring required for this work, the way flaky
>tests are handled has changed slightly. You are unlikely to see much difference
>from this, but some error messages will have changed.

>This work was funded by `Smarkets &lt;https://smarkets.com/&gt;`_.

>-------------------


>### 3.38.1

>-------------------

>This patch has a variety of non-user-visible refactorings, removing various
>minor warts ranging from indirect imports to typos in comments.

>-------------------






### pyopenssl 17.3.0 -> 17.4.0

>### 17.4.0

>-------------------


>Backward-incompatible changes:
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

>*none*


>Deprecations:
>^^^^^^^^^^^^^

>*none*


>Changes:
>^^^^^^^^


>- Re-added a subset of the ``OpenSSL.rand`` module.
>  This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork.
>  `708 &lt;https://github.com/pyca/pyopenssl/pull/708&gt;`_
>- Corrected a use-after-free when reusing an issuer or subject from an ``X509`` object after the underlying object has been mutated.
>  `709 &lt;https://github.com/pyca/pyopenssl/pull/709&gt;`_

>----








### pyrsistent 0.14.0 -> 0.14.1

>### 0.14.1

> * Equality check performance improvements for pvectors and pmaps. Thanks dtomas for this!
> * Avoid calling factories multiple times for fields that do not change, see PR 120 for for
>   details. Thanks teepark for this!










That's it for now!

Happy merging! 🤖
Loading status checks…
f60a4ce

bors-fusion bot added a commit to fusionapp/entropy that referenced this pull request Nov 27, 2017

@bors-fusion[bot]
Merge #162 
162: Scheduled weekly dependency update for week 48 r=mithrandi a=pyup-bot




## Updates
Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.
<table align="center">

<tr>
<td><b>pyasn1-modules</b></td>
<td align="center">0.1.5</td>
<td align="center">&raquo;</td>
<td align="center">0.2.1</td>
<td>
     <a href="https://pypi.python.org/pypi/pyasn1-modules">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1-modules/">Changelog</a> | <a href="https://github.com/etingof/pyasn1-modules">Repo</a> 

</td>

<tr>
<td><b>pyasn1</b></td>
<td align="center">0.3.7</td>
<td align="center">&raquo;</td>
<td align="center">0.4.2</td>
<td>
     <a href="https://pypi.python.org/pypi/pyasn1">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1/">Changelog</a> | <a href="https://github.com/etingof/pyasn1">Repo</a> 

</td>

<tr>
<td><b>pyopenssl</b></td>
<td align="center">17.3.0</td>
<td align="center">&raquo;</td>
<td align="center">17.4.0</td>
<td>
     <a href="https://pypi.python.org/pypi/pyopenssl">PyPI</a> | <a href="https://pyup.io/changelogs/pyopenssl/">Changelog</a> | <a href="https://pyopenssl.org/">Homepage</a> | <a href="http://pythonhosted.org/pyOpenSSL/">Docs</a> 

</td>

<tr>
<td><b>pyrsistent</b></td>
<td align="center">0.14.0</td>
<td align="center">&raquo;</td>
<td align="center">0.14.1</td>
<td>
     <a href="https://pypi.python.org/pypi/pyrsistent">PyPI</a> | <a href="https://pyup.io/changelogs/pyrsistent/">Changelog</a> | <a href="http://github.com/tobgu/pyrsistent/">Repo</a> 

</td>

</tr>
</table>



## Changelogs


### pyopenssl 17.3.0 -> 17.4.0

>### 17.4.0

>-------------------


>Backward-incompatible changes:
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

>*none*


>Deprecations:
>^^^^^^^^^^^^^

>*none*


>Changes:
>^^^^^^^^


>- Re-added a subset of the ``OpenSSL.rand`` module.
>  This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork.
>  `708 &lt;https://github.com/pyca/pyopenssl/pull/708&gt;`_
>- Corrected a use-after-free when reusing an issuer or subject from an ``X509`` object after the underlying object has been mutated.
>  `709 &lt;https://github.com/pyca/pyopenssl/pull/709&gt;`_

>----








### pyrsistent 0.14.0 -> 0.14.1

>### 0.14.1

> * Equality check performance improvements for pvectors and pmaps. Thanks dtomas for this!
> * Avoid calling factories multiple times for fields that do not change, see PR 120 for for
>   details. Thanks teepark for this!










That's it for now!

Happy merging! 🤖
Loading status checks…
608be9c

bors-fusion bot added a commit to fusionapp/documint that referenced this pull request Nov 27, 2017

@bors-fusion[bot]
Merge #120 
120: Scheduled weekly dependency update for week 48 r=mithrandi a=pyup-bot




## Updates
Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.
<table align="center">

<tr>
<td><b>pyasn1-modules</b></td>
<td align="center">0.1.5</td>
<td align="center">&raquo;</td>
<td align="center">0.2.1</td>
<td>
     <a href="https://pypi.python.org/pypi/pyasn1-modules">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1-modules/">Changelog</a> | <a href="https://github.com/etingof/pyasn1-modules">Repo</a> 

</td>

<tr>
<td><b>pyasn1</b></td>
<td align="center">0.3.7</td>
<td align="center">&raquo;</td>
<td align="center">0.4.2</td>
<td>
     <a href="https://pypi.python.org/pypi/pyasn1">PyPI</a> | <a href="https://pyup.io/changelogs/pyasn1/">Changelog</a> | <a href="https://github.com/etingof/pyasn1">Repo</a> 

</td>

<tr>
<td><b>pyopenssl</b></td>
<td align="center">17.3.0</td>
<td align="center">&raquo;</td>
<td align="center">17.4.0</td>
<td>
     <a href="https://pypi.python.org/pypi/pyopenssl">PyPI</a> | <a href="https://pyup.io/changelogs/pyopenssl/">Changelog</a> | <a href="https://pyopenssl.org/">Homepage</a> | <a href="http://pythonhosted.org/pyOpenSSL/">Docs</a> 

</td>

</tr>
</table>



## Changelogs


### pyopenssl 17.3.0 -> 17.4.0

>### 17.4.0

>-------------------


>Backward-incompatible changes:
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

>*none*


>Deprecations:
>^^^^^^^^^^^^^

>*none*


>Changes:
>^^^^^^^^


>- Re-added a subset of the ``OpenSSL.rand`` module.
>  This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork.
>  `708 &lt;https://github.com/pyca/pyopenssl/pull/708&gt;`_
>- Corrected a use-after-free when reusing an issuer or subject from an ``X509`` object after the underlying object has been mutated.
>  `709 &lt;https://github.com/pyca/pyopenssl/pull/709&gt;`_

>----











That's it for now!

Happy merging! 🤖
Loading status checks…
2e98420
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment