From: Raymond Hettinger Date: Fri, 30 Dec 2016 05:54:25 +0000 (-0700) Subject: Issue #29061: secrets.randbelow() would hang with a negative input X-Git-Tag: v3.6.1rc1~238 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e9ee207622f0f78e31b8277ccb9eaa895ea3472d;p=python Issue #29061: secrets.randbelow() would hang with a negative input --- diff --git a/Lib/secrets.py b/Lib/secrets.py index 27fa4503d7..130434229e 100644 --- a/Lib/secrets.py +++ b/Lib/secrets.py @@ -26,6 +26,8 @@ choice = _sysrand.choice def randbelow(exclusive_upper_bound): """Return a random int in the range [0, n).""" + if exclusive_upper_bound <= 0: + raise ValueError("Upper bound must be positive.") return _sysrand._randbelow(exclusive_upper_bound) DEFAULT_ENTROPY = 32 # number of bytes to return by default diff --git a/Lib/test/test_secrets.py b/Lib/test/test_secrets.py index 4c65cf00cd..d31d07e01f 100644 --- a/Lib/test/test_secrets.py +++ b/Lib/test/test_secrets.py @@ -70,6 +70,7 @@ class Random_Tests(unittest.TestCase): for i in range(2, 10): self.assertIn(secrets.randbelow(i), range(i)) self.assertRaises(ValueError, secrets.randbelow, 0) + self.assertRaises(ValueError, secrets.randbelow, -1) class Token_Tests(unittest.TestCase): diff --git a/Misc/ACKS b/Misc/ACKS index 5faed18582..1c3f573d61 100644 --- a/Misc/ACKS +++ b/Misc/ACKS @@ -369,6 +369,7 @@ Daniel Dittmar Josip Djolonga Walter Dörwald Jaromir Dolecek +Brendan Donegan Ismail Donmez Robert Donohue Marcos Donolo diff --git a/Misc/NEWS b/Misc/NEWS index 3436c0a52f..f3c6e9e04e 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -43,6 +43,9 @@ Library - Issue #29085: Allow random.Random.seed() to use high quality OS randomness rather than the pid and time. +- Issue #29061: Fixed bug in secrets.randbelow() which would hang when given + a negative input. Patch by Brendan Donegan. + - Issue #29079: Prevent infinite loop in pathlib.resolve() on Windows - Issue #13051: Fixed recursion errors in large or resized