meta-openembedded/meta-python/recipes-devtools/python/python3-waitress/CVE-2024-49769-6.patch

From 4a5ce98ecaed785a14781700106d60c4072c9b87 Mon Sep 17 00:00:00 2001
From: Delta Regeer <bertjw@regeer.org>
Date: Sun, 3 Mar 2024 16:37:12 -0700
Subject: [PATCH] When closing the socket, set it to None

This avoids calling close() twice on the same socket if self.close() or
self.handle_close() is called multiple times

CVE: CVE-2024-49769
Upstream-Status: Backport [https://github.com/Pylons/waitress/commit/9d99c89ae4aa8449313eea210a5ec9f3994a87b2]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 src/waitress/wasyncore.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/waitress/wasyncore.py b/src/waitress/wasyncore.py
index 117f78a..f0cd23e 100644
--- a/src/waitress/wasyncore.py
+++ b/src/waitress/wasyncore.py
@@ -437,6 +437,8 @@ class dispatcher:
                 if why.args[0] not in (ENOTCONN, EBADF):
                     raise
 
+            self.socket = None
+
     # log and log_info may be overridden to provide more sophisticated
     # logging and warning methods. In general, log is for 'hit' logging
     # and 'log_info' is for informational, warning and error logging.
@@ -487,7 +489,11 @@ class dispatcher:
         # handle_expt_event() is called if there might be an error on the
         # socket, or if there is OOB data
         # check for the error condition first
-        err = self.socket.getsockopt(socket.SOL_SOCKET, socket.SO_ERROR)
+        err = (
+            self.socket.getsockopt(socket.SOL_SOCKET, socket.SO_ERROR)
+            if self.socket is not None
+            else 1
+        )
         if err != 0:
             # we can get here when select.select() says that there is an
             # exceptional condition on the socket