Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fileno argument to socket.socket is not validated #79596

dimaqq mannequin opened this issue Dec 5, 2018 · 2 comments

fileno argument to socket.socket is not validated #79596

dimaqq mannequin opened this issue Dec 5, 2018 · 2 comments
3.8 only security fixes


Copy link

dimaqq mannequin commented Dec 5, 2018

BPO 35415
Nosy @dimaqq, @miss-islington
  • bpo-35415: validate fileno argument to socket.socket #10917
  • Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
    closed_at = <Date 2018-12-17.13:08:34.186>
    created_at = <Date 2018-12-05.08:41:12.281>
    labels = ['3.8']
    title = 'fileno argument to socket.socket is not validated'
    updated_at = <Date 2018-12-17.13:08:34.186>
    user = '' fields:

    activity = <Date 2018-12-17.13:08:34.186>
    actor = 'asvetlov'
    assignee = 'none'
    closed = True
    closed_date = <Date 2018-12-17.13:08:34.186>
    closer = 'asvetlov'
    components = []
    creation = <Date 2018-12-05.08:41:12.281>
    creator = 'Dima.Tisnek'
    dependencies = []
    files = []
    hgrepos = []
    issue_num = 35415
    keywords = ['patch']
    message_count = 2.0
    messages = ['331096', '332001']
    nosy_count = 2.0
    nosy_names = ['Dima.Tisnek', 'miss-islington']
    pr_nums = ['10917']
    priority = 'normal'
    resolution = 'fixed'
    stage = 'resolved'
    status = 'closed'
    superseder = None
    type = None
    url = ''
    versions = ['Python 3.8']

    Copy link
    Mannequin Author

    dimaqq mannequin commented Dec 5, 2018

    socket.socket gained a fileno= kwarg the value of which is not checked if address family and socket type are both provided.

    For example, following is accepted:

    >> socket.socket(socket.AF_INET, socket.SOCK_STREAM, fileno=-1234)
    >> socket.socket(socket.AF_INET, socket.SOCK_STREAM, fileno=1234)
    >> socket.socket(socket.AF_INET, socket.SOCK_STREAM, fileno=0.999)

    Resulting in a socket object that will fail at runtime.

    One of the implications is that it's possible to "steal" file descriptor, i.e. create a socket for an fd that doesn't exist; then some other function/thread happens to create e.g. socket with this specific fd, which can be "unexpectedly" used (or closed or modified, e.g. non-blocking changed) through the first socket object.

    Additionally if the shorthand is used, the exception raised in these cases has odd text, at least it was misleading for me.

    >>> socket.socket(fileno=get_wrong_fd_from_somewhere())
    OSError: [Errno 9] Bad file descriptor: 'family'

    I thought that I had a bug whereby a string was passed in instead of an int fd;
    Ultimately I had to look in cpython source code to understand what the "family" meant.

    I volunteer to submit a patch!

    @dimaqq dimaqq mannequin added the 3.8 only security fixes label Dec 5, 2018
    Copy link

    New changeset e991270 by Miss Islington (bot) (Dima Tisnek) in branch 'master':
    bpo-35415: validate fileno argument to socket.socket (GH-10917)

    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    3.8 only security fixes
    None yet

    No branches or pull requests

    2 participants