Limit SSL_write bufsize to avoid OverflowErrors (#603) * limit SSL_write bufsize to avoid OverflowErrors * fix .send() truncation, add test

commit: 868dc3c25404d3be232c209ec15f976e434668d5 [log] [tgz]
author: Maximilian Hils <git@maximilianhils.com> Fri Feb 10 14:56:55 2017 +0100
committer: Hynek Schlawack <hs@ox.cx> Fri Feb 10 14:56:55 2017 +0100
tree: c922b90ab3cabce0c2a03f0f7f1dfd1c724196a8
parent: b748099426db3963c7b06d2e0aec29e12e016c07 [diff] [blame]
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index d4158d4..8bbde5b 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py

@@ -1455,6 +1455,8 @@
             buf = str(buf)
         if not isinstance(buf, bytes):
             raise TypeError("data must be a memoryview, buffer or byte string")
+        if len(buf) > 2147483647:
+            raise ValueError("Cannot send more than 2**31-1 bytes at once.")
 
         result = _lib.SSL_write(self._ssl, buf, len(buf))
         self._raise_ssl_error(self._ssl, result)
@@ -1486,7 +1488,13 @@
         data = _ffi.new("char[]", buf)
 
         while left_to_send:
-            result = _lib.SSL_write(self._ssl, data + total_sent, left_to_send)
+            # SSL_write's num arg is an int,
+            # so we cannot send more than 2**31-1 bytes at once.
+            result = _lib.SSL_write(
+                self._ssl,
+                data + total_sent,
+                min(left_to_send, 2147483647)
+            )
             self._raise_ssl_error(self._ssl, result)
             total_sent += result
             left_to_send -= result
commit	868dc3c25404d3be232c209ec15f976e434668d5	[log] [tgz]
author	Maximilian Hils <git@maximilianhils.com>	Fri Feb 10 14:56:55 2017 +0100
committer	Hynek Schlawack <hs@ox.cx>	Fri Feb 10 14:56:55 2017 +0100
tree	c922b90ab3cabce0c2a03f0f7f1dfd1c724196a8
parent	b748099426db3963c7b06d2e0aec29e12e016c07 [diff] [blame]