diff options
| -rw-r--r-- | Lib/test/test_ssl.py | 3 | ||||
| -rw-r--r-- | Misc/NEWS | 2 | ||||
| -rw-r--r-- | Modules/_ssl.c | 2 |
3 files changed, 6 insertions, 1 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 0e4759554a..4ea1a63e49 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -394,6 +394,9 @@ class ContextTests(unittest.TestCase): ctx.load_verify_locations(CERTFILE, CAPATH) ctx.load_verify_locations(CERTFILE, capath=BYTES_CAPATH) + # Issue #10989: crash if the second argument type is invalid + self.assertRaises(TypeError, ctx.load_verify_locations, None, True) + @skip_if_broken_ubuntu_ssl def test_session_stats(self): for proto in PROTOCOLS: @@ -16,6 +16,8 @@ Core and Builtins Library ------- +- Issue #10989: Fix a crash on SSLContext.load_verify_locations(None, True). + - Issue #11020: Command-line pyclbr was broken because of missing 2-to-3 conversion. diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 1e4b38a9cd..141b1ae88c 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -1683,7 +1683,7 @@ load_verify_locations(PySSLContext *self, PyObject *args, PyObject *kwds) return NULL; } if (capath && !PyUnicode_FSConverter(capath, &capath_bytes)) { - Py_DECREF(cafile_bytes); + Py_XDECREF(cafile_bytes); PyErr_SetString(PyExc_TypeError, "capath should be a valid filesystem path"); return NULL; |