From 96d98cf192cf1e9bc5d6bbeff5311e8961e58439 Mon Sep 17 00:00:00 2001
From: Leopold
Date: Fri, 1 Nov 2024 21:36:30 +0800
Subject: [PATCH 1/2] fix fromsocket to deal with ipv6 socket (#2497)

* fix fromsocket to deal with ipv6 socket
* add remote.fromsocket ipv6 test and update CHANGELOG.md
* skip fromsocket ipv6 test
---
 CHANGELOG.md           | 6 ++++++
 pwnlib/tubes/remote.py | 9 ++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 37b77a9fe..4c5c96021 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -129,6 +129,12 @@ The table below shows which release corresponds to each branch, and what date th
 [2435]: https://github.com/Gallopsled/pwntools/pull/2435
 [2437]: https://github.com/Gallopsled/pwntools/pull/2437
 
+## 4.13.2
+
+- [#2497][2497] Fix remote.fromsocket() to handle AF_INET6 socket
+
+[2497]: https://github.com/Gallopsled/pwntools/pull/2497
+
 ## 4.13.1 (`stable`)
 
 - [#2445][2445] Fix parsing the PLT on Windows
diff --git a/pwnlib/tubes/remote.py b/pwnlib/tubes/remote.py
index 58008194c..4c6d9dcd2 100644
--- a/pwnlib/tubes/remote.py
+++ b/pwnlib/tubes/remote.py
@@ -53,6 +53,13 @@ class remote(sock):
         >>> r = remote.fromsocket(s)
         >>> r.recvn(4)
         b'HTTP'
+        >>> s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM) #doctest: +SKIP
+        >>> s.connect(('2606:4700:4700::1111', 80)) #doctest: +SKIP
+        >>> s.send(b'GET ' + b'\r\n'*2) #doctest: +SKIP
+        8
+        >>> r = remote.fromsocket(s) #doctest: +SKIP
+        >>> r.recvn(4) #doctest: +SKIP
+        b'HTTP'
     """
 
     def __init__(self, host, port,
@@ -139,7 +146,7 @@ def fromsocket(cls, socket):
             Instance of pwnlib.tubes.remote.remote.
         """
         s = socket
-        host, port = s.getpeername()
+        host, port = s.getpeername()[:2]
         return remote(host, port, fam=s.family, typ=s.type, sock=s)
 
 class tcp(remote):
From a0ddbf5e1648d567b23f8a44408aa9e85397aac7 Mon Sep 17 00:00:00 2001
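Review bot: Every line added to the docstring is marked `#doctest: +SKIP`, so the AF_INET6 path this patch fixes is never executed by the test-suite and can regress unnoticed; the skip looks driven by the hard-coded public address `2606:4700:4700::1111`, which would make the doctest depend on outbound IPv6 reachability. A loopback listener on `::1` served by a small thread would exercise fromsocket() without network access and let the skips be dropped, along the lines of the snippet below. IPv6 on loopback is absent on some CI images, so if that is the case for this project's runners the skip has to stay and the reason should be written down, e.g. `# +SKIP: CI runners lack IPv6 connectivity`. The class docstring holding these examples starts before this hunk.

```python
        >>> import threading
        >>> l = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
        >>> l.bind(('::1', 0)); l.listen(1)
        >>> t = threading.Thread(target=lambda: l.accept()[0].sendall(b'HTTP/1.0 200 OK\r\n\r\n'))
        >>> t.start()
        >>> s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
        >>> s.connect(('::1', l.getsockname()[1]))
        >>> r = remote.fromsocket(s)
        >>> r.recvn(4)
        b'HTTP'
```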
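Review bot: The changed line `host, port = s.getpeername()[:2]` silently discards the `flowinfo` and `scope_id` members that `getpeername()` returns for AF_INET6, and nothing in the hunk records that this is intended; a comment such as `# AF_INET6 peer names are (host, port, flowinfo, scope_id); keeping only host/port is safe because the connected socket is reused as-is (sock=s)` would save the next reader the trip to the socket docs. Dropping the scope id appears harmless here because the existing socket is handed over rather than reconnected, but the host that remote() records for a link-local peer (e.g. fe80::1%eth0) will no longer identify the interface — hedged, since how that value is used lies outside this hunk. The slice also changes the failure mode for non-IP sockets: an AF_UNIX peer name is a `str`, so `[:2]` now yields two characters where the old two-element unpack raised ValueError, and an explicit family check before the slice would keep that failure loud (note the parameter is named `socket`, so the module's AF_* constants are shadowed inside the method). fromsocket's signature and the rest of its docstring begin before this hunk.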
From: Peace-Maker
Date: Tue, 10 Dec 2024 20:34:39 +0100
Subject: [PATCH 2/2] Tests: Revert timeout changes from gdb tests

There were additional `timeout=X` additions in #2382 which caused tests to fail randomly when a timeout was reached. The tests run through occationally, so it's not an infinite loop. But flakey tests are annoying and I don't see a reason for the timeout additions to the doctests for the core patch of that PR other than failing early during manual tests of new functionality. CI running smoothly is more important than fast failing during development on the gdb module imo.
---
 pwnlib/gdb.py | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/pwnlib/gdb.py b/pwnlib/gdb.py
index 1315408d0..690e360a4 100644
--- a/pwnlib/gdb.py
+++ b/pwnlib/gdb.py
@@ -195,7 +195,7 @@ def debug_assembly(asm, gdbscript=None, vma=None, api=False):
 
         >>> assembly = shellcraft.echo("Hello world!\n")
         >>> io = gdb.debug_assembly(assembly)
-        >>> io.recvline(timeout=1)
+        >>> io.recvline()
         b'Hello world!\n'
     """
     tmp_elf = make_elf_from_assembly(asm, vma=vma, extract=False)
@@ -230,7 +230,7 @@ def debug_shellcode(data, gdbscript=None, vma=None, api=False):
         >>> assembly = shellcraft.echo("Hello world!\n")
         >>> shellcode = asm(assembly)
         >>> io = gdb.debug_shellcode(shellcode)
-        >>> io.recvline(timeout=1)
+        >>> io.recvline()
         b'Hello world!\n'
     """
     if isinstance(data, six.text_type):
@@ -490,12 +490,12 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
     Send a command to Bash
 
         >>> io.sendline(b"echo hello")
-        >>> io.recvline(timeout=30)
+        >>> io.recvline()
         b'hello\n'
 
     Interact with the process
 
-        >>> io.interactive(timeout=1) # doctest: +SKIP
+        >>> io.interactive() # doctest: +SKIP
         >>> io.close()
 
     Create a new process, and stop it at '_start'
@@ -514,7 +514,7 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
     Send a command to Bash
 
         >>> io.sendline(b"echo hello")
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'hello\n'
 
     Interact with the process
@@ -526,19 +526,19 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
 
         >>> io = gdb.debug(args=[b'\xde\xad\xbe\xef'], gdbscript='continue', exe="/bin/sh")
         >>> io.sendline(b"echo $0")
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'\xde\xad\xbe\xef\n'
         >>> io.close()
 
     Demonstrate that LD_PRELOAD is respected
 
         >>> io = process(["grep", "libc.so.6", "/proc/self/maps"])
-        >>> real_libc_path = io.recvline(timeout=1).split()[-1]
+        >>> real_libc_path = io.recvline().split()[-1]
         >>> io.close()
         >>> import shutil
         >>> local_path = shutil.copy(real_libc_path, "./local-libc.so") # make a copy of libc to demonstrate that it is loaded
         >>> io = gdb.debug(["grep", "local-libc.so", "/proc/self/maps"], gdbscript="continue", env={"LD_PRELOAD": "./local-libc.so"})
-        >>> io.recvline(timeout=1).split()[-1] # doctest: +ELLIPSIS
+        >>> io.recvline().split()[-1] # doctest: +ELLIPSIS
         b'.../local-libc.so'
         >>> io.close()
         >>> os.remove("./local-libc.so") # cleanup
@@ -572,7 +572,7 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
 
         >>> io = gdb.debug(args=[b'\xde\xad\xbe\xef'], gdbscript='continue', exe="/bin/sh", ssh=shell)
         >>> io.sendline(b"echo $0")
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'$ \xde\xad\xbe\xef\n'
         >>> io.close()
 
@@ -580,7 +580,7 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
 
         >>> io = gdb.debug(args=[], gdbscript='continue', exe="/bin/sh", ssh=shell)
         >>> io.sendline(b"echo $0")
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'$ \n'
         >>> io.close()
 
@@ -620,12 +620,12 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
     Resume the program
 
         >>> io.gdb.continue_nowait()
-        >>> io.recvline(timeout=1)
+        >>> io.recvline()
         b'foo\n'
         >>> io.close()
 
         >>> ssh_io.gdb.continue_nowait()
-        >>> ssh_io.recvline(timeout=1)
+        >>> ssh_io.recvline()
         b'foo\n'
         >>> ssh_io.close()
         >>> shell.close()
@@ -978,7 +978,7 @@ def attach(target, gdbscript = '', exe = None, gdb_args = None, ssh = None, sysr
         ... detach
         ... quit
         ... ''')
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'Hello from process debugger!\n'
         >>> io.sendline(b'echo Hello from bash && exit')
         >>> io.recvall()
@@ -1005,7 +1005,7 @@ def attach(target, gdbscript = '', exe = None, gdb_args = None, ssh = None, sysr
 
     Observe the forced line
 
-        >>> io.recvline(timeout=1)
+        >>> io.recvline()
         b'Hello from process debugger!\n'
 
     Interact with the program in a regular way
@@ -1029,7 +1029,7 @@ def attach(target, gdbscript = '', exe = None, gdb_args = None, ssh = None, sysr
         ... detach
         ... quit
         ... ''')
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'Hello from remote debugger!\n'
         >>> io.sendline(b'echo Hello from bash && exit')
         >>> io.recvall()
@@ -1048,7 +1048,7 @@ def attach(target, gdbscript = '', exe = None, gdb_args = None, ssh = None, sysr
         >>> io.recvline(timeout=5) # doctest: +SKIP
         b'Hello from ssh debugger!\n'
         >>> io.sendline(b'This will be echoed back')
-        >>> io.recvline(timeout=1)
+        >>> io.recvline()
         b'This will be echoed back\n'
         >>> io.close()
     """
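Review bot: With `timeout=1` removed on the changed line, `io.recvline()` now waits for the tube's default timeout — which, as far as I can tell, is effectively unbounded unless `context.timeout` is set — so a missing echo from the ssh-attached shell turns a quick doctest failure into a hang that only a harness-level timeout will end. The description accepts that trade-off to cure flakiness, but a bounded wait is still worth keeping somewhere; a single `context.timeout` setting in the module's doctest setup (or the test runner's per-test timeout) would give that without the per-call `timeout=` arguments this patch strips. The `timeout=5` on the `# doctest: +SKIP` line two lines above is left as is, which is harmless since that line never runs, but it reads inconsistently with the rest of the revert. The attach() docstring starts before this hunk.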