[New-bugs-announce] [issue28332] silent truncations in socket.htons and socket.ntohs

Oren Milman report at bugs.python.org
Sat Oct 1 11:06:10 EDT 2016 

New submission from Oren Milman:

------------ current state ------------
Due to the implementation of socket_htons (in Modules/socketmodule.c), in case the received integer does not fit in 16-bit unsigned integer, but does fit in a positive C int, it is silently truncated to 16-bit unsigned integer (before converting to network byte order):
>>> import socket
>>> hex(socket.htons(0x1234))
'0x3412'
>>> hex(socket.htons(0x81234))
'0x3412'
>>> hex(socket.htons(0x881234))
'0x3412'
>>> hex(socket.htons(0x8881234))
'0x3412'
>>> hex(socket.htons(0x88881234))
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
OverflowError: Python int too large to convert to C long
>>>

Likewise, socket.ntohs has the same silent truncation feature, due to the implementation of socket_ntohs.

ISTM this silent truncation feature has the potential to conceal nasty bugs, and I guess it is rarely used in purpose.

With regard to relevant changes made in the past:
    * The silent truncation was there since the two functions were first added, in changeset 3673 (https://hg.python.org/cpython/rev/f6ace61c3dfe).
    * A check whether the received integer is negative was added (to each of the two functions) in changeset 40632 (https://hg.python.org/cpython/rev/6efe3a4b10ac), as part of #1635058.
    Note the lack of discussion in #1635058 and #1619659 about backward compatibility. It might suggest that Guido didn't hesitate to make the change, even though at the time, the four conversion functions (socket.htons, socket.ntohs, socket.htonl and socket.ntohl) were already in the wild for 10 years.


------------ proposed changes ------------
    1. In Modules/socketmodule.c, raise a DeprecationWarning before silently truncating the received integer. In Python 3.8, replace the DeprecationWarning with an OverflowError.

    2. In Lib/test/test_socket.py, add tests to verify a DeprecationWarning is raised as expected.

    3. In Doc/library/socket.rst, add a description of the silent truncation feature, and declare it is deprecated.


------------ diff ------------
The proposed patches diff file is attached.

(I wasn't sure you would approve deprecating a feature that was in the wild for so long, but I implemented it anyway, as it was quite simple.)


------------ tests ------------
I ran 'python_d.exe -m test -j3' (on my 64-bit Windows 10) with and without the patches, and got quite the same output. (That also means my new tests in test_socket passed.)
The outputs of both runs are attached.

----------
components: Library (Lib)
files: CPythonTestOutput.txt
messages: 277820
nosy: Oren Milman
priority: normal
severity: normal
status: open
title: silent truncations in socket.htons and socket.ntohs
type: behavior
versions: Python 3.7
Added file: http://bugs.python.org/file44911/CPythonTestOutput.txt

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue28332>
_______________________________________

More information about the New-bugs-announce mailing list