Bug 140715

Summary: sys.stdin segfaults on invalid stdin
Product: [Fedora] Fedora Reporter: David Nečas <yeti>
Component: pythonAssignee: Jeremy Katz <katzj>
Status: CLOSED RAWHIDE QA Contact: Brock Organ <borgan>
Severity: high Docs Contact:
Priority: medium    
Version: 5CC: katzj, mattdm
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-01-06 21:12:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description David Nečas 2004-11-24 13:36:48 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3)
Gecko/20041020

Description of problem:
If stdin is invalid (e.g., redirected from a directory by mistake),
python interpreter segfaults on any attempt to access it.

Version-Release number of selected component (if applicable):
python-2.3.4-11

How reproducible:
Always

Steps to Reproduce:
1. python -c 'import sys; sys.stdin' <.
    

Actual Results:  Segmentation fault (core dumped)

Expected Results:  In this case no output.

In a case where one actually tries to read sys.stdin, I would expect
something like

Traceback (most recent call last):
  File "<string>", line 1, in ?
IOError: [Errno 21] Is a directory


Additional info:
Comment 1 Mihai Ibanescu 2004-12-13 23:41:44 UTC 
Reported upstream as bug
https://sourceforge.net/tracker/index.php?func=detail&aid=1084766&group_id=5470&atid=105470
Comment 2 Mihai Ibanescu 2005-12-19 14:14:41 UTC 
Upstream bug marked as a duplicate of:

https://sourceforge.net/tracker/index.php?func=detail&aid=1353504&group_id=5470&atid=105470

and reportedly fixed in 2.4.3 and 2.5
Comment 3 Matthew Miller 2006-07-10 21:59:02 UTC 
Fedora Core 3 is now maintained by the Fedora Legacy project for security
updates only. If this problem is a security issue, please reopen and
reassign to the Fedora Legacy product. If it is not a security issue and
hasn't been resolved in the current FC5 updates or in the FC6 test
release, reopen and change the version to match.

Thank you!
Comment 4 David Nečas 2006-07-10 22:46:30 UTC 
Cannot comment on security for FL.  It segfaults but I did not analyse the
implications of the faulty assertions it makes.

Updated FC5 contains python-2.4.3-8.FC5 where the bug is allegedly fixed
(comment #2).  The alleged fix consists of aborting and dumping core
intentionally instead of involuntary.  This is still a regression against older
Python versions (2.1?) where one got normal recoverable IOError exception.  Of
course, when stderr is bogus too things can get pretty hairy in the default
exception handler and abort may be the only option.

The funamental problem is that programs are left without any chance to _check_
for an invalid standard stream and handle the situation themselves.  It remains
unfixed.

In python 2.5 it reportedly exits without dumping core, but 2.5 seems irrelevant
even for FC6 so I haven't tried it.
Comment 5 Matthew Miller 2006-07-11 18:21:32 UTC 
Given "fundamental problem ... remains unfixed", this does indeed seem like an
FC5 issue.
Comment 6 Jeremy Katz 2007-01-06 21:12:37 UTC 
Fixed in 2.5 and should also be fixed in the current fc6 update