[3.14] gh-142829: Fix use-after-free in `Context.__eq__` via re-entrant `ContextVar.set` (GH-142905) (#143627)
gh-142829: Fix use-after-free in `Context.__eq__` via re-entrant `ContextVar.set` (GH-142905)
(cherry picked from commit a4086d7f89e5d388e4ffcdb13e4fba0255234286)
[3.14] gh-143006: Fix and optimize mixed comparison of float and int (GH-143084) (GH-143623)
When comparing negative non-integer float and int with the same number
of bits in the integer part, __neg__() in the int subclass returning
not an int caused an assertion error.
Now the integer is no longer negated. Also, reduced the number of
temporary created Python objects.
(cherry picked from commit 66bca383bd3b12d21e879d991d77b37a4c638f88)
gh-143460: Skip infinite recusion tests for infinite stack size (GH-143606)
Avoid tests being killed due to OOM on Linux if a system is configured with
'ulimit -s unlimited' by skipping tests relying on infinite recursion.
While unclear if Python should support 'ulimit -s unlimited', we should at
least try to avoid failing a PGO build running tests due to an unlimited
stack size being set.
(cherry picked from commit 61e036691c8ac70facb8d3fc39c670bde56218e8)
Signed-off-by: Jan André Reuter <j.reuter@fz-juelich.de> Co-authored-by: Jan André Reuter <jan.andre.reuter@hotmail.de>
[3.14] gh-143378: Fix use-after-free when BytesIO is concurrently mutated during write operations (GH-143408) (GH-143599)
PyObject_GetBuffer() can execute user code (e.g. via __buffer__), which may
close or otherwise mutate a BytesIO object while write() or writelines()
is in progress. This could invalidate the internal buffer and lead to a
use-after-free.
[3.14] gh-142095: Use thread local frame info in `py-bt` and `py-bt-full` when available (gh-143371) (#143566)
In optimized and `-Og` builds, arguments and local variables are frequently
unavailable in gdb. This makes `py-bt` fail to print anything useful. Use the
`PyThreadState*` pointers `_Py_tss_gilstate` and `Py_tss_tstate` to find the
interpreter frame if we can't get the frame from the
`_PyEval_EvalFrameDefault` call.
(cherry picked from commit 49c3b0a67a77bb42e736cea7dcbc1aa8fa704074)
Co-authored-by: Sam Gross <colesbury@gmail.com> Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-133315: Document that compat32 should not be used with MIMEPart/EmailMessage (GH-143307) (#143496)
gh-133315: Document that compat32 should not be used with MIMEPart/EmailMessage (GH-143307)
(cherry picked from commit ff7d1cec41f391270560b9f4726791d8476c6eba)
[3.14] gh-75572: Forward-port test_xpickle from Python 2 to 3 (GH-22452) (GH-143485)
Move data classes used in tests to separate file test_picklecommon.py,
so it can be imported in old Python versions.
(cherry picked from commit 8735daf3e82d50defd791e9be7b9ae6843bc4ed1)
Co-authored-by: Ken Jin <kenjin@python.org> Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
The documentation incorrectly stated that the file descriptor is not
inherited by child processes. In reality, the close-on-exec flag (when
available) only prevents inheritance across exec() calls, not fork().
(cherry picked from commit e79c9b703117d8b0e7c4d86b704e2e7f120db883)
Co-authored-by: ADITYA RAI <adi.hack1234@gmail.com> Co-authored-by: Victor Stinner <vstinner@python.org>
Stan Ulbrych [Tue, 6 Jan 2026 11:48:45 +0000 (11:48 +0000)]
[3.14] gh-143003: Fix possible shared buffer overflow in `bytearray.extend()` (GH-143086) (GH-143447)
When __length_hint__() returns 0 for non-empty iterator, the data can be
written past the shared 0-terminated buffer, corrupting it.
(cherry picked from commit 522563549a49d28e763635c58274a23a6055f041)
[3.14] gh-143148: Replace pre-commit with prek in CI (GH-143149) (#143360)
Co-authored-by: Johann Christensen <johannchristensen@outlook.de> Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com> Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
[3.14] Update docstrings of `typing.Hashable`, `typing.List`, etc., to reflect their deprecation (GH-143295) (#143348)
Update docstrings of `typing.Hashable`, `typing.List`, etc., to reflect their deprecation (GH-143295)
(cherry picked from commit 18f3c59e57e5d30218210136060310310b10ff72)
Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
[3.14] gh-140920: remove incorrect mentions to `concurrent.futures.interpreter.ExecutionFailed` (GH-141723) (#143315)
gh-140920: remove incorrect mentions to `concurrent.futures.interpreter.ExecutionFailed` (GH-141723)
Remove documentation for inexistant `concurrent.futures.interpreter.ExecutionFailed`
and replace its occurrences by `concurrent.interpreters.ExecutionFailed` since this
is the documented exception.
(cherry picked from commit c5215978ebfea9471f313d5baa70a4e68bfb798b)
[3.14] gh-130167: Add a What's New entry for changes to ``textwrap.{de,in}dent`` (GH-131924) (#143292)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com> Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com> Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com> Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
[3.14] gh-69686: Remove untrue part of `__import__` replacement docs (GH-143261) (#143281)
gh-69686: Remove untrue part of `__import__` replacement docs (GH-143261)
Remove untrue part of `__import__` replacement docs
The original statement effectively says that replacing `__import__` at global scope affects import statements, and not only that, but only import statements within the rest of the executing module. None of that has been true since at least Python 2.7, I think.
[3.14] gh-143200: fix UAFs in `Element.__{set,get}item__` when the element is concurrently mutated (GH-143226) (#143273)
gh-143200: fix UAFs in `Element.__{set,get}item__` when the element is concurrently mutated (GH-143226)
(cherry picked from commit b6b0e14b3d4aa9e9b89bef9a516177238883e1a7)
[3.14] gh-142994, gh-142996: document missing async generator and coroutine field entries in `inspect` (GH-142997) (#143258)
gh-142994, gh-142996: document missing async generator and coroutine field entries in `inspect` (GH-142997)
(cherry picked from commit 0efbad60e13cbc8b27a5ca3a5d9afcdcc957b19e)
Changed condition to evaluate if timeout is less than or equals to 0. This is needed for simulated time environments such as Shadow where the time will match exactly on the boundary.
[3.14] gh-142557: fix UAF in `bytearray.__mod__` when object is mutated while formatting `%`-style arguments (GH-143213) (#143227)
gh-142557: fix UAF in `bytearray.__mod__` when object is mutated while formatting `%`-style arguments (GH-143213)
(cherry picked from commit 61ee04834b096be00678c6819b4957f3f4413a5e)
[3.14] gh-143195: fix UAF in `{bytearray,memoryview}.hex(sep)` via re-entrant `sep.__len__` (GH-143209) (#143219)
gh-143195: fix UAF in `{bytearray,memoryview}.hex(sep)` via re-entrant `sep.__len__` (GH-143209)
(cherry picked from commit 9976c2b6349a079ae39931d960b8c147e21c6c3f)
[3.14] gh-142975: During GC, mark frozen objects with a merged zero refcount for destruction (GH-143156) (GH-143175)
gh-142975: During GC, mark frozen objects with a merged zero refcount for destruction (GH-143156)
(cherry picked from commit 8611f74e089d9ac9de84dd42be9d251db27889aa)
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
[3.14] gh-143004: Fix possible use-after-free in collections.Counter.update() (GH-143044) (GH-143166)
This happened when the Counter was mutated when incrementing
the value for an existing key.
(cherry picked from commit 86d904588e8c84c7fccb8faf84b343f03461970d)
[3.14] Correctly fold unknown-8bit originating from encoded words. (GH-142517) (#143146)
The unknown-8bit trick was designed to deal with unknown bytes in an
ASCII message, and it works fine for that. However, I also tried to
extend it to handle bytes that can't be decoded using the charset
specified in an encoded word, and there it fails because there can be
other non-ASCII characters that were *successfully* decoded. The fix is
simple: do the unknown-8bit encoding using the utf-8 codec. This is
especially appropriate since anyone trying to do recovery on an unknown
byte string will probably attempt utf-8 first.
(cherry picked from commit 1e17ccd030a2285ad53db5952360fffa33a8a877)
Co-authored-by: R. David Murray <rdmurray@bitdance.com> Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
[3.14] gh-142145: Avoid timing measurements in quadratic behavior test (gh-143105) (#143139)
Count the number of Element attribute accesses as a proxy for work done.
With double the amount of work, a ratio of 2.0 indicates linear scaling
and 4.0 quadratic scaling. Use 3.2 as an intermediate threshold.
(cherry picked from commit 57937a8e5e293f0dcba5115f7b7a11b1e0c9a273)
[3.14] gh-109263: Start process from spawn context in multiprocessing no longer have side effect (GH-135813) (#143115)
gh-109263: Start process from spawn context in multiprocessing no longer have side effect (GH-135813)
(cherry picked from commit c2202a7e661d40b1837cc0109cdb9ab40ec4e486)
Co-authored-by: AN Long <aisk@users.noreply.github.com>
[3.14] gh-143010: Prevent a TOCTOU issue by only calling open once (GH-143011) (#143080)
gh-143010: Prevent a TOCTOU issue by only calling open once (GH-143011)
RDM: per AZero13's research the 'x' option did not exist when this code was written, This
modernization can thus drop the fd trick in _create_carefully and just use open with 'x' to achieve the same goal more securely.
(cherry picked from commit a88d1b8dab4cbd3180dd7f1acb44d627db90323b)
[3.14] gh-70647: Better promote how to safely parse yearless dates in datetime. (GH-116179) (#143037)
gh-70647: Better promote how to safely parse yearless dates in datetime. (GH-116179)
* gh-70647: Better promote how to safely parse yearless dates in datetime.
Every four years people encounter this because it just isn't obvious.
This moves the footnote up to a note with a code example.
We'd love to change the default year value for datetime but doing
that could have other consequences for existing code. This documented
workaround *always* works.
* doctest code within note is bad, dedent.
* Update to match the error message.
* remove no longer referenced footnote
* ignore the warning in the doctest
* use Petr's suggestion for the docs to hide the warning processing
[3.14] gh-142754: Ensure that Element & Attr instances have the ownerDocument attribute (GH-142794) (#142818)
gh-142754: Ensure that Element & Attr instances have the ownerDocument attribute (GH-142794)
(cherry picked from commit 1cc7551b3f9f71efbc88d96dce90f82de98b2454)
Co-authored-by: Petr Viktorin <encukou@gmail.com> Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
[3.14] gh-142560: prevent use-after-free in search-like methods by exporting buffer in bytearray (GH-142938) (#142983)
gh-142560: prevent use-after-free in search-like methods by exporting buffer in bytearray (GH-142938)
(cherry picked from commit 220f0b107776391201a399c54dd01692c36fcdf4)
[3.14] gh-142527: Docs: Clarify that random.seed() discards the sign of an integer input (GH-142483) (#142970)
gh-142527: Docs: Clarify that random.seed() discards the sign of an integer input (GH-142483)
If *a* is an integer, the sign of *a* is discarded in the C source code. Clarify this behavior to prevent foot guns, where a common use case might naively assume that flipping the sign will produce different sequences (e.g. for a train/test split of a synthetic data generator in machine learning).
(cherry picked from commit 610aabfef2f90dc1a274703779615aa5b7fbbb3a)
Co-authored-by: Andrej <andrej.karpathy@gmail.com> Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
projects / thirdparty / Python / cpython.git / log
