-
-
Notifications
You must be signed in to change notification settings - Fork 30.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
syslog issues #95041
Comments
serhiy-storchaka
added
type-bug
An unexpected behavior, bug, or error
3.11
only security fixes
3.12
bugs and security fixes
labels
Jul 20, 2022
serhiy-storchaka
added a commit
to serhiy-storchaka/cpython
that referenced
this issue
Jul 20, 2022
* syslog_get_argv() swallows exceptions, but not in all cases. * if ident is non UTF-8 encodable, syslog.openlog() fails after setting the global reference to ident. Now the C string saved internally in the previous call to openlog() points to the freed memory. * PySys_Audit() can crash if ident is NULL. * There may be a race condition with syslog.syslog(), because the global reference to ident is decrefed before setting the new value.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Jul 26, 2022
…H-95058) * syslog_get_argv() swallows exceptions, but not in all cases. * if ident is non UTF-8 encodable, syslog.openlog() fails after setting the global reference to ident. Now the C string saved internally in the previous call to openlog() points to the freed memory. * PySys_Audit() can crash if ident is NULL. * There may be a race condition with syslog.syslog(), because the global reference to ident is decrefed before setting the new value. * Possible use of freed memory if syslog.openlog() is called while the GIL is released in syslog.syslog(). (cherry picked from commit 68c555a) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
serhiy-storchaka
added a commit
that referenced
this issue
Jul 26, 2022
* syslog_get_argv() swallows exceptions, but not in all cases. * if ident is non UTF-8 encodable, syslog.openlog() fails after setting the global reference to ident. Now the C string saved internally in the previous call to openlog() points to the freed memory. * PySys_Audit() can crash if ident is NULL. * There may be a race condition with syslog.syslog(), because the global reference to ident is decrefed before setting the new value. * Possible use of freed memory if syslog.openlog() is called while the GIL is released in syslog.syslog().
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Jul 26, 2022
…H-95058) * syslog_get_argv() swallows exceptions, but not in all cases. * if ident is non UTF-8 encodable, syslog.openlog() fails after setting the global reference to ident. Now the C string saved internally in the previous call to openlog() points to the freed memory. * PySys_Audit() can crash if ident is NULL. * There may be a race condition with syslog.syslog(), because the global reference to ident is decrefed before setting the new value. * Possible use of freed memory if syslog.openlog() is called while the GIL is released in syslog.syslog(). (cherry picked from commit 68c555a) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
miss-islington
added a commit
that referenced
this issue
Jul 26, 2022
* syslog_get_argv() swallows exceptions, but not in all cases. * if ident is non UTF-8 encodable, syslog.openlog() fails after setting the global reference to ident. Now the C string saved internally in the previous call to openlog() points to the freed memory. * PySys_Audit() can crash if ident is NULL. * There may be a race condition with syslog.syslog(), because the global reference to ident is decrefed before setting the new value. * Possible use of freed memory if syslog.openlog() is called while the GIL is released in syslog.syslog(). (cherry picked from commit 68c555a) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
noamcohen97
added a commit
to noamcohen97/cpython
that referenced
this issue
Jul 26, 2022
ambv
pushed a commit
that referenced
this issue
Jul 26, 2022
…-95261) * syslog_get_argv() swallows exceptions, but not in all cases. * if ident is non UTF-8 encodable, syslog.openlog() fails after setting the global reference to ident. Now the C string saved internally in the previous call to openlog() points to the freed memory. * PySys_Audit() can crash if ident is NULL. * There may be a race condition with syslog.syslog(), because the global reference to ident is decrefed before setting the new value. * Possible use of freed memory if syslog.openlog() is called while the GIL is released in syslog.syslog(). (cherry picked from commit 68c555a) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
serhiy-storchaka
pushed a commit
that referenced
this issue
Jul 26, 2022
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Jul 26, 2022
…og fails (pythonGH-95264) (cherry picked from commit b1f648e) Co-authored-by: Noam Cohen <noam@noam.me>
This was referenced Jul 26, 2022
Merged
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Jul 26, 2022
…og fails (pythonGH-95264) (cherry picked from commit b1f648e) Co-authored-by: Noam Cohen <noam@noam.me>
I'm keeping this open until you decide about the NEWS entry, Serhiy. I'll mark it pending close, though. |
erlend-aasland
added
the
pending
The issue will be closed if no feedback is provided
label
Jul 26, 2022
(Ooops, sorry; pressed the wrong button) |
Merged
We kept this open based on #95264 (comment) It looks like Serhiy added the tests in #97953 but chose not to add a changelog entry, so I think we can close this out. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are several issues with corner cases in
syslog.openlog()
.syslog_get_argv()
swallows exceptions, but not in all cases.ident
is non UTF-8 encodable,syslog.openlog()
fails after setting the global reference toident
. Now the C string saved internally in the previous call toopenlog()
points to the freed memory.PySys_Audit()
can crash ifident
is NULL.syslog.syslog()
, because the global reference toident
is decrefed before setting the new value.And, since
syslog.syslog()
releases the GIL, there may be a race conditionsyslog.syslog()
withsyslog.openlog()
andsyslog.closelog()
which can decref the global reference toident
.P.S. @noamcohen97 noticed yet one issue in
syslog.syslog()
(potential returning a value from a function while an exception is set #95012 (comment)) and fixed it.The text was updated successfully, but these errors were encountered: