Bug 140715 - sys.stdin segfaults on invalid stdin
Summary: sys.stdin segfaults on invalid stdin
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: python
Version: 5
Hardware: i386
OS: Linux
medium
high
Target Milestone: ---
Assignee: Jeremy Katz
QA Contact: Brock Organ
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-11-24 13:36 UTC by David Nečas
Modified: 2007-11-30 22:10 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-01-06 21:12:37 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description David Nečas 2004-11-24 13:36:48 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3)
Gecko/20041020

Description of problem:
If stdin is invalid (e.g., redirected from a directory by mistake),
python interpreter segfaults on any attempt to access it.

Version-Release number of selected component (if applicable):
python-2.3.4-11

How reproducible:
Always

Steps to Reproduce:
1. python -c 'import sys; sys.stdin' <.
    

Actual Results:  Segmentation fault (core dumped)

Expected Results:  In this case no output.

In a case where one actually tries to read sys.stdin, I would expect
something like

Traceback (most recent call last):
  File "<string>", line 1, in ?
IOError: [Errno 21] Is a directory


Additional info:
Comment 1 Mihai Ibanescu 2004-12-13 23:41:44 UTC 
Reported upstream as bug
https://sourceforge.net/tracker/index.php?func=detail&aid=1084766&group_id=5470&atid=105470
Comment 2 Mihai Ibanescu 2005-12-19 14:14:41 UTC 
Upstream bug marked as a duplicate of:

https://sourceforge.net/tracker/index.php?func=detail&aid=1353504&group_id=5470&atid=105470

and reportedly fixed in 2.4.3 and 2.5
Comment 3 Matthew Miller 2006-07-10 21:59:02 UTC 
Fedora Core 3 is now maintained by the Fedora Legacy project for security
updates only. If this problem is a security issue, please reopen and
reassign to the Fedora Legacy product. If it is not a security issue and
hasn't been resolved in the current FC5 updates or in the FC6 test
release, reopen and change the version to match.

Thank you!
Comment 4 David Nečas 2006-07-10 22:46:30 UTC 
Cannot comment on security for FL.  It segfaults but I did not analyse the
implications of the faulty assertions it makes.

Updated FC5 contains python-2.4.3-8.FC5 where the bug is allegedly fixed
(comment #2).  The alleged fix consists of aborting and dumping core
intentionally instead of involuntary.  This is still a regression against older
Python versions (2.1?) where one got normal recoverable IOError exception.  Of
course, when stderr is bogus too things can get pretty hairy in the default
exception handler and abort may be the only option.

The funamental problem is that programs are left without any chance to _check_
for an invalid standard stream and handle the situation themselves.  It remains
unfixed.

In python 2.5 it reportedly exits without dumping core, but 2.5 seems irrelevant
even for FC6 so I haven't tried it.
Comment 5 Matthew Miller 2006-07-11 18:21:32 UTC 
Given "fundamental problem ... remains unfixed", this does indeed seem like an
FC5 issue.
Comment 6 Jeremy Katz 2007-01-06 21:12:37 UTC 
Fixed in 2.5 and should also be fixed in the current fc6 update
Note You need to log in before you can comment on or make changes to this bug.