From 51796521f54162543435b673a1b6b65deaf170f3 Mon Sep 17 00:00:00 2001 From: chgnrdv Date: Wed, 22 Jun 2022 01:16:42 +0300 Subject: [PATCH 1/2] Disallow instantiation of SSLSession objects Directly instantiated SSLSession objects don't make much sense, but attribute lookup on them causes segmentation fault. This commit makes SSLSession objects non-instantiable. --- Modules/_ssl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Modules/_ssl.c b/Modules/_ssl.c index e67ab42050b26c..08596577086ac4 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -5067,7 +5067,8 @@ static PyType_Spec PySSLSession_spec = { .name = "_ssl.SSLSession", .basicsize = sizeof(PySSLSession), .flags = (Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC | - Py_TPFLAGS_IMMUTABLETYPE), + Py_TPFLAGS_IMMUTABLETYPE | + Py_TPFLAGS_DISALLOW_INSTANTIATION), .slots = PySSLSession_slots, }; From 319fb4ecce8a4f4e54f2ec3fa9b84e9c2984980e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Langa?= Date: Wed, 22 Jun 2022 11:16:15 +0200 Subject: [PATCH 2/2] Add Blurb --- .../next/Library/2022-06-22-11-16-11.gh-issue-94101.V9vDG8.rst | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 Misc/NEWS.d/next/Library/2022-06-22-11-16-11.gh-issue-94101.V9vDG8.rst diff --git a/Misc/NEWS.d/next/Library/2022-06-22-11-16-11.gh-issue-94101.V9vDG8.rst b/Misc/NEWS.d/next/Library/2022-06-22-11-16-11.gh-issue-94101.V9vDG8.rst new file mode 100644 index 00000000000000..bcef0ca07470a6 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2022-06-22-11-16-11.gh-issue-94101.V9vDG8.rst @@ -0,0 +1,3 @@ +Manual instantiation of :class:`ssl.SSLSession` objects is no longer allowed +as it lead to misconfigured instances that crashed the interpreter when +attributes where accessed on them.