Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pure-Python implementation of socket.socketpair() doesn't authenticate connected socket #122133

Closed
sethmlarson opened this issue Jul 22, 2024 · 1 comment
Labels
type-bug An unexpected behavior, bug, or error type-security A security issue

Comments

@sethmlarson
Copy link
Contributor

sethmlarson commented Jul 22, 2024

Bug report

Bug description:

socket.socketpair() has a fall-back implementation on platforms that don't support socket.AF_UNIX which uses AF_INET[6] sockets bound to localhost. This connection is expected to come from the same process.

CPython versions tested on:

CPython main branch

Operating systems tested on:

Linux, Windows

Linked PRs

@sethmlarson sethmlarson added type-bug An unexpected behavior, bug, or error type-security A security issue labels Jul 22, 2024
gpshead added a commit that referenced this issue Jul 29, 2024
…allback (GH-122134)

* Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 29, 2024
…r()` fallback (pythonGH-122134)

* Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 29, 2024
…r()` fallback (pythonGH-122134)

* Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 29, 2024
…r()` fallback (pythonGH-122134)

* Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 29, 2024
…r()` fallback (pythonGH-122134)

* Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 29, 2024
…r()` fallback (pythonGH-122134)

* Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 29, 2024
…r()` fallback (pythonGH-122134)

* Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
gpshead added a commit that referenced this issue Jul 29, 2024
…ir()` fallback (GH-122134) (GH-122425)

Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
gpshead added a commit that referenced this issue Jul 30, 2024
…ir()` fallback (GH-122134) (GH-122424)

Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
ambv pushed a commit that referenced this issue Jul 30, 2024
…ir()` fallback (GH-122134) (#122426)

Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
ambv pushed a commit that referenced this issue Jul 30, 2024
…ir()` fallback (GH-122134) (#122427)

Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
ambv pushed a commit that referenced this issue Jul 30, 2024
…r()` fallback (GH-122134) (#122428)

Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
ambv added a commit that referenced this issue Jul 30, 2024
…r()` fallback (GH-122134) (GH-122429)

Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API.  We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion).

(cherry picked from commit 78df104)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
Yhg1s pushed a commit that referenced this issue Jul 31, 2024
…lib.reload. (#122493)


Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 31, 2024
…importlib.reload. (pythonGH-122493)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 31, 2024
…importlib.reload. (pythonGH-122493)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 31, 2024
…importlib.reload. (pythonGH-122493)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 31, 2024
…importlib.reload. (pythonGH-122493)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 31, 2024
…importlib.reload. (pythonGH-122493)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 31, 2024
…importlib.reload. (pythonGH-122493)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Yhg1s pushed a commit that referenced this issue Jul 31, 2024
… importlib.reload. (GH-122493) (#122504)

gh-122133: Rework pure Python socketpair tests to avoid use of importlib.reload. (GH-122493)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
gpshead added a commit that referenced this issue Jul 31, 2024
… importlib.reload. (GH-122493) (GH-122505)

gh-122133: Rework pure Python socketpair tests to avoid use of importlib.reload. (GH-122493)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
ambv pushed a commit that referenced this issue Aug 2, 2024
… importlib.reload. (GH-122493) (GH-122506)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
ambv pushed a commit that referenced this issue Aug 2, 2024
… importlib.reload. (GH-122493) (GH-122507)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
ambv pushed a commit that referenced this issue Aug 2, 2024
…importlib.reload. (GH-122493) (GH-122508)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
ambv pushed a commit that referenced this issue Aug 2, 2024
…importlib.reload. (GH-122493) (GH-122509)

(cherry picked from commit f071f01)

Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
@ambv ambv closed this as completed Aug 2, 2024
@cfi-gb
Copy link

cfi-gb commented Aug 12, 2024

Only for (easier) tracking purposes (because searching for this CVE doesn't yield any results in this repo), it seems CVE-2024-3219 is now linked to this issue:

blhsing pushed a commit to blhsing/cpython that referenced this issue Aug 22, 2024
…importlib.reload. (python#122493)


Co-authored-by: Gregory P. Smith <greg@krypto.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type-bug An unexpected behavior, bug, or error type-security A security issue
Projects
None yet
Development

No branches or pull requests

3 participants