[Python-checkins] [3.12] gh-106831: Fix NULL check of d2i_SSL_SESSION() result in _ssl.c (GH-106832) (#106835)

Mon Jul 17 16:40:18 EDT 2023

https://github.com/python/cpython/commit/2eef81e05ece14796e8e922ecac8e572a6e6d5b0
commit: 2eef81e05ece14796e8e922ecac8e572a6e6d5b0
branch: 3.12
author: Miss Islington (bot) <31488909+miss-islington at users.noreply.github.com>
committer: vstinner <vstinner at python.org>
date: 2023-07-17T20:40:15Z
summary:

[3.12] gh-106831: Fix NULL check of d2i_SSL_SESSION() result in _ssl.c (GH-106832) (#106835)

gh-106831: Fix NULL check of d2i_SSL_SESSION() result in _ssl.c (GH-106832)
(cherry picked from commit ebf2c56b33553a448da8f60fcd89a622f071b5f4)

Co-authored-by: Nikita Sobolev <mail at sobolevn.me>

files:
A Misc/NEWS.d/next/Library/2023-07-17-21-45-15.gh-issue-106831.RqVq9X.rst
M Modules/_ssl.c

diff --git a/Misc/NEWS.d/next/Library/2023-07-17-21-45-15.gh-issue-106831.RqVq9X.rst b/Misc/NEWS.d/next/Library/2023-07-17-21-45-15.gh-issue-106831.RqVq9X.rst
new file mode 100644
index 0000000000000..d3b9862684539
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2023-07-17-21-45-15.gh-issue-106831.RqVq9X.rst
@@ -0,0 +1,2 @@
+Fix potential missing ``NULL`` check of ``d2i_SSL_SESSION`` result in
+``_ssl.c``.
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 5f90584a99c08..a3fb12e483750 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -2779,7 +2779,7 @@ _ssl_session_dup(SSL_SESSION *session) {
     /* get length */
     slen = i2d_SSL_SESSION(session, NULL);
     if (slen == 0 || slen > 0xFF00) {
-        PyErr_SetString(PyExc_ValueError, "i2d() failed.");
+        PyErr_SetString(PyExc_ValueError, "i2d() failed");
         goto error;
     }
     if ((senc = PyMem_Malloc(slen)) == NULL) {
@@ -2788,12 +2788,13 @@ _ssl_session_dup(SSL_SESSION *session) {
     }
     p = senc;
     if (!i2d_SSL_SESSION(session, &p)) {
-        PyErr_SetString(PyExc_ValueError, "i2d() failed.");
+        PyErr_SetString(PyExc_ValueError, "i2d() failed");
         goto error;
     }
     const_p = senc;
     newsession = d2i_SSL_SESSION(NULL, &const_p, slen);
-    if (session == NULL) {
+    if (newsession == NULL) {
+        PyErr_SetString(PyExc_ValueError, "d2i() failed");
         goto error;
     }
     PyMem_Free(senc);

