You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
assignee=Noneclosed_at=<Date2018-12-17.13:08:34.186>created_at=<Date2018-12-05.08:41:12.281>labels= ['3.8']
title='fileno argument to socket.socket is not validated'updated_at=<Date2018-12-17.13:08:34.186>user='https://github.com/dimaqq'
Resulting in a socket object that will fail at runtime.
One of the implications is that it's possible to "steal" file descriptor, i.e. create a socket for an fd that doesn't exist; then some other function/thread happens to create e.g. socket with this specific fd, which can be "unexpectedly" used (or closed or modified, e.g. non-blocking changed) through the first socket object.
Additionally if the shorthand is used, the exception raised in these cases has odd text, at least it was misleading for me.
>>> socket.socket(fileno=get_wrong_fd_from_somewhere())
[snip]
OSError: [Errno 9] Bad file descriptor: 'family'
I thought that I had a bug whereby a string was passed in instead of an int fd;
Ultimately I had to look in cpython source code to understand what the "family" meant.
New changeset e991270 by Miss Islington (bot) (Dima Tisnek) in branch 'master': bpo-35415: validate fileno argument to socket.socket (GH-10917) e991270
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: