Skip to content

gh-111178: fix UBSan failures in Modules/_ssl/cert.c #129088

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jan 30, 2025
+13 −7
Merged

gh-111178: fix UBSan failures in Modules/_ssl/cert.c #129088

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 13 additions & 7 deletions Modules/_ssl/cert.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -153,10 +153,13 @@ _x509name_print(_sslmodulestate *state, X509_NAME *name, int indent, unsigned lo
* PySSLCertificate_Type
*/

#define _PySSLCertificate_CAST(op) ((PySSLCertificate *)(op))

static PyObject *
certificate_repr(PySSLCertificate *self)
certificate_repr(PyObject *op)
{
PyObject *osubject, *result;
PySSLCertificate *self = _PySSLCertificate_CAST(op);

/* subject string is ASCII encoded, UTF-8 chars are quoted */
osubject = _x509name_print(
Expand All @@ -176,8 +179,9 @@ certificate_repr(PySSLCertificate *self)
}

static Py_hash_t
certificate_hash(PySSLCertificate *self)
certificate_hash(PyObject *op)
{
PySSLCertificate *self = _PySSLCertificate_CAST(op);
if (self->hash == (Py_hash_t)-1) {
unsigned long hash;
hash = X509_subject_name_hash(self->cert);
Expand All @@ -191,19 +195,20 @@ certificate_hash(PySSLCertificate *self)
}

static PyObject *
certificate_richcompare(PySSLCertificate *self, PyObject *other, int op)
certificate_richcompare(PyObject *lhs, PyObject *rhs, int op)
{
int cmp;
PySSLCertificate *self = _PySSLCertificate_CAST(lhs);
_sslmodulestate *state = get_state_cert(self);

if (Py_TYPE(other) != state->PySSLCertificate_Type) {
if (Py_TYPE(rhs) != state->PySSLCertificate_Type) {
Py_RETURN_NOTIMPLEMENTED;
}
/* only support == and != */
if ((op != Py_EQ) && (op != Py_NE)) {
Py_RETURN_NOTIMPLEMENTED;
}
cmp = X509_cmp(self->cert, ((PySSLCertificate*)other)->cert);
cmp = X509_cmp(self->cert, ((PySSLCertificate*)rhs)->cert);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
cmp = X509_cmp(self->cert, ((PySSLCertificate*)rhs)->cert);
cmp = X509_cmp(self->cert, _PySSLCertificate_CAST(rhs)->cert);

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've left out fast casts for which the input has already been checked so that if the macro is one day converted to a function with explicit checks, we don't double checks those

if (((op == Py_EQ) && (cmp == 0)) || ((op == Py_NE) && (cmp != 0))) {
Py_RETURN_TRUE;
} else {
Expand All @@ -212,11 +217,12 @@ certificate_richcompare(PySSLCertificate *self, PyObject *other, int op)
}

static void
certificate_dealloc(PySSLCertificate *self)
certificate_dealloc(PyObject *op)
{
PySSLCertificate *self = _PySSLCertificate_CAST(op);
PyTypeObject *tp = Py_TYPE(self);
X509_free(self->cert);
Py_TYPE(self)->tp_free(self);
(void)Py_TYPE(self)->tp_free(self);
Py_DECREF(tp);
}

Expand Down
Loading