[New-bugs-announce] [issue45159] data_received called on protocol after call to pause_reading on ssl transport

[Christopher Brichford]

New submission from Christopher Brichford <chrisb at farmersbusinessnetwork.com>:

An SSL connection created with loop.create_connection may have data_received called on its protocol after pause_reading has been called on the transport.

If an application has a protocol whose data_received method calls pause_reading on the transport then there is a chance that the data_received method will be called again before the application calls resume_reading on the transport.

That existing implementation of pause_reading at:
https://github.com/python/cpython/blob/62fa613f6a6e872723505ee9d56242c31a654a9d/Lib/asyncio/sslproto.py#L335

calls pause_reading on the underlying socket transport, which is correct.  However, there is a loop in the SSLProtocol's data_received method:
https://github.com/python/cpython/blob/62fa613f6a6e872723505ee9d56242c31a654a9d/Lib/asyncio/sslproto.py#L335

If the loop referenced above has more than one iteration then there is a chance that the application protocol's data_received method could call pause_reading on the transport.  If that happens on any iteration of the loop other than the last iteration, then the SSLProtocol's data_received method will call the application protocol's data_received method when it should not.

Stealing uvloop's asyncio ssl implementation would resolve this bug: https://bugs.python.org/issue44011

----------
components: asyncio
messages: 401553
nosy: asvetlov, chrisb2, yselivanov
priority: normal
severity: normal
status: open
title: data_received called on protocol after call to pause_reading on ssl transport
type: behavior
versions: Python 3.10

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue45159>
_______________________________________