[Python-checkins] bpo-40121: Fixes audit event raised on creating a new socket (GH-19238)
Miss Islington (bot)
webhook-mailer at python.org
Tue Mar 31 07:57:15 EDT 2020
https://github.com/python/cpython/commit/6a0ee60db4cee4a01bae1a2922d21a859e9ea2ed
commit: 6a0ee60db4cee4a01bae1a2922d21a859e9ea2ed
branch: 3.8
author: Miss Islington (bot) <31488909+miss-islington at users.noreply.github.com>
committer: GitHub <noreply at github.com>
date: 2020-03-31T04:57:06-07:00
summary:
bpo-40121: Fixes audit event raised on creating a new socket (GH-19238)
(cherry picked from commit 63ba5cccf484b9ec23dfbf4cf7ffdc833eda98c3)
Co-authored-by: Steve Dower <steve.dower at python.org>
files:
A Misc/NEWS.d/next/Security/2020-03-30-23-16-25.bpo-40121.p2LIio.rst
M Lib/test/audit-tests.py
M Lib/test/test_audit.py
M Modules/socketmodule.c
diff --git a/Lib/test/audit-tests.py b/Lib/test/audit-tests.py
index 33f320992bb23..dda52a5a518f6 100644
--- a/Lib/test/audit-tests.py
+++ b/Lib/test/audit-tests.py
@@ -327,6 +327,28 @@ def hook(event, args):
CloseKey(kv)
+def test_socket():
+ import socket
+
+ def hook(event, args):
+ if event.startswith("socket."):
+ print(event, *args)
+
+ sys.addaudithook(hook)
+
+ socket.gethostname()
+
+ # Don't care if this fails, we just want the audit message
+ sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ try:
+ # Don't care if this fails, we just want the audit message
+ sock.bind(('127.0.0.1', 8080))
+ except error:
+ pass
+ finally:
+ sock.close()
+
+
if __name__ == "__main__":
from test.libregrtest.setup import suppress_msvcrt_asserts
diff --git a/Lib/test/test_audit.py b/Lib/test/test_audit.py
index 73dd5c5b7db30..f405c6923979c 100644
--- a/Lib/test/test_audit.py
+++ b/Lib/test/test_audit.py
@@ -118,6 +118,18 @@ def test_winreg(self):
self.assertSequenceEqual(["winreg.EnumKey", " ", f"{expected} 10000"], events[3])
self.assertSequenceEqual(["winreg.PyHKEY.Detach", " ", expected], events[4])
+ def test_socket(self):
+ support.import_module("socket")
+ returncode, events, stderr = self.run_python("test_socket")
+ if returncode:
+ self.fail(stderr)
+
+ if support.verbose:
+ print(*events, sep='\n')
+ self.assertEqual(events[0][0], "socket.gethostname")
+ self.assertEqual(events[1][0], "socket.__new__")
+ self.assertEqual(events[2][0], "socket.bind")
+ self.assertTrue(events[2][2].endswith("('127.0.0.1', 8080)"))
if __name__ == "__main__":
unittest.main()
diff --git a/Misc/NEWS.d/next/Security/2020-03-30-23-16-25.bpo-40121.p2LIio.rst b/Misc/NEWS.d/next/Security/2020-03-30-23-16-25.bpo-40121.p2LIio.rst
new file mode 100644
index 0000000000000..5aac6cd8b9959
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2020-03-30-23-16-25.bpo-40121.p2LIio.rst
@@ -0,0 +1 @@
+Fixes audit events raised on creating a new socket.
diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
index 594a0d6efad19..5dc5f4e0d397b 100644
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@@ -5069,7 +5069,7 @@ sock_initobj(PyObject *self, PyObject *args, PyObject *kwds)
#ifdef MS_WINDOWS
/* In this case, we don't use the family, type and proto args */
- if (fdobj != NULL && fdobj != Py_None)
+ if (fdobj == NULL || fdobj == Py_None)
#endif
{
if (PySys_Audit("socket.__new__", "Oiii",
@@ -5091,8 +5091,9 @@ sock_initobj(PyObject *self, PyObject *args, PyObject *kwds)
}
memcpy(&info, PyBytes_AS_STRING(fdobj), sizeof(info));
- if (PySys_Audit("socket()", "iii", info.iAddressFamily,
- info.iSocketType, info.iProtocol) < 0) {
+ if (PySys_Audit("socket.__new__", "Oiii", s,
+ info.iAddressFamily, info.iSocketType,
+ info.iProtocol) < 0) {
return -1;
}
More information about the Python-checkins
mailing list