pyglue: generate_random_bytes/str accept positive numbers only

We aren't yet able to generate negative numbers of random bytes.

Instead a request for -n bytes is implicitly converted into one for
SIZE_MAX - n bytes, which is typically very large. Memory exhaustion
seems a likely outcome.

With this patch callers will see a ValueError.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

1 files changed, 16 insertions, 4 deletions

diff --git a/python/pyglue.c b/python/pyglue.c
index 5ee2b68b8ad..969b35145de 100644
--- a/python/pyglue.c
+++ b/python/pyglue.c
@@ -37,9 +37,15 @@ static PyObject *py_generate_random_str(PyObject *self, PyObject *args)
 	int len;
 	PyObject *ret;
 	char *retstr;
-	if (!PyArg_ParseTuple(args, "i", &len))
+	if (!PyArg_ParseTuple(args, "i", &len)) {
 		return NULL;
-
+	}
+	if (len < 0) {
+		PyErr_Format(PyExc_ValueError,
+			     "random string length should be positive, not %d",
+			     len);
+		return NULL;
+	}
 	retstr = generate_random_str(NULL, len);
 	ret = PyUnicode_FromString(retstr);
 	talloc_free(retstr);
@@ -97,9 +103,15 @@ static PyObject *py_generate_random_bytes(PyObject *self, PyObject *args)
 	PyObject *ret;
 	uint8_t *bytes = NULL;
 
-	if (!PyArg_ParseTuple(args, "i", &len))
+	if (!PyArg_ParseTuple(args, "i", &len)) {
 		return NULL;
-
+	}
+	if (len < 0) {
+		PyErr_Format(PyExc_ValueError,
+			     "random bytes length should be positive, not %d",
+			     len);
+		return NULL;
+	}
 	bytes = talloc_zero_size(NULL, len);
 	if (bytes == NULL) {
 		PyErr_NoMemory();