Serhiy Storchaka [Mon, 12 Jan 2026 08:37:28 +0000 (10:37 +0200)]
[3.13] gh-143378: Fix use-after-free when BytesIO is concurrently mutated during write operations (GH-143408) (GH-143600)
PyObject_GetBuffer() can execute user code (e.g. via __buffer__), which may
close or otherwise mutate a BytesIO object while write() or writelines()
is in progress. This could invalidate the internal buffer and lead to a
use-after-free.
[3.13] gh-127750: Fix annotations in singledispatchmethod signature tests (GH-143571) (GH-143708)
These tests relied on a bug -- gh-84644, which is that singledispatch
doesn't verify the annotation is on the "first" parameter.
(cherry picked from commit 620a5b92693ac1b2cef1f90fd3c2dba1bb794552)
Serhiy Storchaka [Sun, 11 Jan 2026 12:34:36 +0000 (14:34 +0200)]
[3.13] gh-143638: Forbid concurrent use of the Pickler and Unpickler objects in C implementation (GH-143664) (GH-143687)
Previously, this could cause crash or data corruption, now concurrent calls
of methods of the same object raise RuntimeError.
(cherry picked from commit d1282efb2b847bf9274d78c5f15ea00499b2c894)
[3.13] gh-143006: Fix and optimize mixed comparison of float and int (GH-143084) (GH-143624)
When comparing negative non-integer float and int with the same number
of bits in the integer part, __neg__() in the int subclass returning
not an int caused an assertion error.
Now the integer is no longer negated. Also, reduced the number of
temporary created Python objects.
(cherry picked from commit 66bca383bd3b12d21e879d991d77b37a4c638f88)
Hold a strong reference to 'hook' while calling the default
unraisable hook to log hook failure.
(cherry picked from commit 1d0baf1ae48f98b61cc869a82e1b7206298f653f)
Sam Gross [Thu, 8 Jan 2026 17:35:56 +0000 (12:35 -0500)]
[3.13] gh-142095: Use thread local frame info in `py-bt` and `py-bt-full` when available (gh-143371) (#143567)
In optimized and `-Og` builds, arguments and local variables are frequently
unavailable in gdb. This makes `py-bt` fail to print anything useful. Use the
`PyThreadState*` pointers `_Py_tss_gilstate` and `Py_tss_tstate` to find the
interpreter frame if we can't get the frame from the
`_PyEval_EvalFrameDefault` call.
(cherry picked from commit 49c3b0a67a77bb42e736cea7dcbc1aa8fa704074)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.13] gh-133315: Document that compat32 should not be used with MIMEPart/EmailMessage (GH-143307) (#143495)
gh-133315: Document that compat32 should not be used with MIMEPart/EmailMessage (GH-143307)
(cherry picked from commit ff7d1cec41f391270560b9f4726791d8476c6eba)
The documentation incorrectly stated that the file descriptor is not
inherited by child processes. In reality, the close-on-exec flag (when
available) only prevents inheritance across exec() calls, not fork().
(cherry picked from commit e79c9b703117d8b0e7c4d86b704e2e7f120db883)
Co-authored-by: ADITYA RAI <adi.hack1234@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
Stan Ulbrych [Tue, 6 Jan 2026 11:49:31 +0000 (11:49 +0000)]
[3.13] gh-143003: Fix possible shared buffer overflow in bytearray.extend() (GH-143086) (GH-143448)
When __length_hint__() returns 0 for non-empty iterator, the data can be
written past the shared 0-terminated buffer, corrupting it.
(cherry picked from commit 522563549a49d28e763635c58274a23a6055f041)
[3.13] gh-143148: Replace pre-commit with prek in CI (GH-143149) (#143359)
Co-authored-by: Johann Christensen <johannchristensen@outlook.de>
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
[3.13] Update docstrings of `typing.Hashable`, `typing.List`, etc., to reflect their deprecation (GH-143295) (#143349)
Update docstrings of `typing.Hashable`, `typing.List`, etc., to reflect their deprecation (GH-143295)
(cherry picked from commit 18f3c59e57e5d30218210136060310310b10ff72)
Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
[3.13] gh-69686: Remove untrue part of `__import__` replacement docs (GH-143261) (#143282)
gh-69686: Remove untrue part of `__import__` replacement docs (GH-143261)
Remove untrue part of `__import__` replacement docs
The original statement effectively says that replacing `__import__` at global scope affects import statements, and not only that, but only import statements within the rest of the executing module. None of that has been true since at least Python 2.7, I think.
[3.13] gh-143200: fix UAFs in `Element.__{set,get}item__` when the element is concurrently mutated (GH-143226) (#143274)
gh-143200: fix UAFs in `Element.__{set,get}item__` when the element is concurrently mutated (GH-143226)
(cherry picked from commit b6b0e14b3d4aa9e9b89bef9a516177238883e1a7)
Changed condition to evaluate if timeout is less than or equal to 0. This is needed for simulated time environments such as Shadow where the time will match exactly on the boundary.
[3.13] gh-143004: Fix possible use-after-free in collections.Counter.update() (GH-143044) (GH-143167)
This happened when the Counter was mutated when incrementing
the value for an existing key.
(cherry picked from commit 86d904588e8c84c7fccb8faf84b343f03461970d)
[3.13] Correctly fold unknown-8bit originating from encoded words. (GH-142517) (#143147)
The unknown-8bit trick was designed to deal with unknown bytes in an
ASCII message, and it works fine for that. However, I also tried to
extend it to handle bytes that can't be decoded using the charset
specified in an encoded word, and there it fails because there can be
other non-ASCII characters that were *successfully* decoded. The fix is
simple: do the unknown-8bit encoding using the utf-8 codec. This is
especially appropriate since anyone trying to do recovery on an unknown
byte string will probably attempt utf-8 first.
(cherry picked from commit 1e17ccd030a2285ad53db5952360fffa33a8a877)
Co-authored-by: R. David Murray <rdmurray@bitdance.com>
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
[3.13] gh-142145: Avoid timing measurements in quadratic behavior test (gh-143105) (#143140)
Count the number of Element attribute accesses as a proxy for work done.
With double the amount of work, a ratio of 2.0 indicates linear scaling
and 4.0 quadratic scaling. Use 3.2 as an intermediate threshold.
(cherry picked from commit 57937a8e5e293f0dcba5115f7b7a11b1e0c9a273)
[3.13] gh-109263: Start process from spawn context in multiprocessing no longer have side effect (GH-135813) (#143116)
gh-109263: Start process from spawn context in multiprocessing no longer have side effect (GH-135813)
(cherry picked from commit c2202a7e661d40b1837cc0109cdb9ab40ec4e486)
Co-authored-by: AN Long <aisk@users.noreply.github.com>
[3.13] gh-143010: Prevent a TOCTOU issue by only calling open once (GH-143011) (#143079)
gh-143010: Prevent a TOCTOU issue by only calling open once (GH-143011)
RDM: per AZero13's research the 'x' option did not exist when this code was written. This
modernization can thus drop the fd trick in _create_carefully and just use open with 'x' to achieve the same goal more securely.
(cherry picked from commit a88d1b8dab4cbd3180dd7f1acb44d627db90323b)
Gregory P. Smith [Sun, 21 Dec 2025 07:03:24 +0000 (23:03 -0800)]
[3.13] gh-70647: Better promote how to safely parse yearless dates in datetime. (GH-116179) (#143038)
* gh-70647: Better promote how to safely parse yearless dates in datetime. (GH-116179)
* gh-70647: Better promote how to safely parse yearless dates in datetime.
Every four years people encounter this because it just isn't obvious.
This moves the footnote up to a note with a code example.
We'd love to change the default year value for datetime but doing
that could have other consequences for existing code. This documented
workaround *always* works.
* doctest code within note is bad, dedent.
* Update to match the error message.
* remove no longer referenced footnote
* ignore the warning in the doctest
* use Petr's suggestion for the docs to hide the warning processing
[3.13] gh-142754: Ensure that Element & Attr instances have the ownerDocument attribute (GH-142794) (#142819)
gh-142754: Ensure that Element & Attr instances have the ownerDocument attribute (GH-142794)
(cherry picked from commit 1cc7551b3f9f71efbc88d96dce90f82de98b2454)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
[3.13] gh-142527: Docs: Clarify that random.seed() discards the sign of an integer input (GH-142483) (#142971)
gh-142527: Docs: Clarify that random.seed() discards the sign of an integer input (GH-142483)
If *a* is an integer, the sign of *a* is discarded in the C source code. Clarify this behavior to prevent foot guns, where a common use case might naively assume that flipping the sign will produce different sequences (e.g. for a train/test split of a synthetic data generator in machine learning).
(cherry picked from commit 610aabfef2f90dc1a274703779615aa5b7fbbb3a)
Co-authored-by: Andrej <andrej.karpathy@gmail.com>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
[3.13] gh-142873: Do not check for `PyContextVar_CheckExact` twice in `PyContextVar_Set` (GH-142874) (#142894)
gh-142873: Do not check for `PyContextVar_CheckExact` twice in `PyContextVar_Set` (GH-142874)
(cherry picked from commit e61a447d0e0753621e8fc347e99dfc87884d68ab)
[3.13] gh-142876: remove reference to thread in documentation of `asyncio.Queue.shutdown` (GH-142888) (#142892)
gh-142876: remove reference to thread in documentation of `asyncio.Queue.shutdown` (GH-142888)
(cherry picked from commit 77c8e6a2b8e206ea8151ab1b431e32f1cad51ddd)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
Co-authored-by: RUANG (James Roy) <longjinyii@outlook.com>
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>