Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

_ssl.c does not handle errors on module creation #111230

Closed
Assignees
sobolevn
Labels
@sobolevn

Description

@sobolevn

Bug report

sslmodule_init_constants does not return-1 when any ofPyModule_Add* calls fail.

For example,PyModule_AddIntConstant returns-1 on error, but it is never checked:

cpython/Modules/_ssl.c

Lines 5790 to 5831 in96cbd1e

PyModule_AddStringConstant(m,"_DEFAULT_CIPHERS",
PY_SSL_DEFAULT_CIPHER_STRING);
PyModule_AddIntConstant(m,"SSL_ERROR_ZERO_RETURN",
PY_SSL_ERROR_ZERO_RETURN);
PyModule_AddIntConstant(m,"SSL_ERROR_WANT_READ",
PY_SSL_ERROR_WANT_READ);
PyModule_AddIntConstant(m,"SSL_ERROR_WANT_WRITE",
PY_SSL_ERROR_WANT_WRITE);
PyModule_AddIntConstant(m,"SSL_ERROR_WANT_X509_LOOKUP",
PY_SSL_ERROR_WANT_X509_LOOKUP);
PyModule_AddIntConstant(m,"SSL_ERROR_SYSCALL",
PY_SSL_ERROR_SYSCALL);
PyModule_AddIntConstant(m,"SSL_ERROR_SSL",
PY_SSL_ERROR_SSL);
PyModule_AddIntConstant(m,"SSL_ERROR_WANT_CONNECT",
PY_SSL_ERROR_WANT_CONNECT);
/* non ssl.h errorcodes */
PyModule_AddIntConstant(m,"SSL_ERROR_EOF",
PY_SSL_ERROR_EOF);
PyModule_AddIntConstant(m,"SSL_ERROR_INVALID_ERROR_CODE",
PY_SSL_ERROR_INVALID_ERROR_CODE);
/* cert requirements */
PyModule_AddIntConstant(m,"CERT_NONE",
PY_SSL_CERT_NONE);
PyModule_AddIntConstant(m,"CERT_OPTIONAL",
PY_SSL_CERT_OPTIONAL);
PyModule_AddIntConstant(m,"CERT_REQUIRED",
PY_SSL_CERT_REQUIRED);
/* CRL verification for verification_flags */
PyModule_AddIntConstant(m,"VERIFY_DEFAULT",
0);
PyModule_AddIntConstant(m,"VERIFY_CRL_CHECK_LEAF",
X509_V_FLAG_CRL_CHECK);
PyModule_AddIntConstant(m,"VERIFY_CRL_CHECK_CHAIN",
X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
PyModule_AddIntConstant(m,"VERIFY_X509_STRICT",
X509_V_FLAG_X509_STRICT);
PyModule_AddIntConstant(m,"VERIFY_ALLOW_PROXY_CERTS",
X509_V_FLAG_ALLOW_PROXY_CERTS);
PyModule_AddIntConstant(m,"VERIFY_X509_TRUSTED_FIRST",
X509_V_FLAG_TRUSTED_FIRST);

Other ``sslmodule_init_*` functions do check for errors correctly.
I have a PR ready.

Linked PRs

Metadata

Metadata

Assignees

Labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions

    [8]ページ先頭
    ©2009-2025 Movatter.jp