Content-Length: 555729 | pFad | https://github.com/python/cpython/issues/94101

55 Attribute lookup on SSLSession object created through public constructor causes SIGSEGV · Issue #94101 · python/cpython · GitHub
Skip to content

Attribute lookup on SSLSession object created through public constructor causes SIGSEGV #94101

New issue
New issue
Closed
#94102
Closed
Attribute lookup on SSLSession object created through public constructor causes SIGSEGV#94101
#94102
Labels
type-bugAn unexpected behavior, bug, or error
@chgnrdv

Description

@chgnrdv
chgnrdv
opened on Jun 21, 2022

Example:

>>> import ssl
>>> s = ssl.SSLSession()
>>> s.id
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff73b8949 in SSL_SESSION_get_id () from /usr/lib/libssl.so.1.1

Environment:
CPython version tested on: 3.10.3, 3.12.0a0.
SSL version: 1.1.1n.
Linux, 5.16.9-arch1-1, x86_64.

The possible fix is to disallow instantiation for SSLSession type. Access to session property of SSLSocket objects works through PySSL_get_session (which does all necessary checks) and attributes of SSLSession objects are read-only so I think it shouldn't break anything.

Metadata

Metadata

Assignees

No one assigned

    Labels

    type-bugAn unexpected behavior, bug, or error

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions








      ApplySandwichStrip

      pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


      --- a PPN by Garber Painting Akron. With Image Size Reduction included!

      Fetched URL: https://github.com/python/cpython/issues/94101

      Alternative Proxies:

      Alternative Proxy

      pFad Proxy

      pFad v3 Proxy

      pFad v4 Proxy