bpo-42800: Add audit events for f_code and tb_frame (GH-24182)

Accessing the following attributes will now fire PEP 578 style audit hooks as (object.__getattr__, obj, name):
* PyTracebackObject: tb_frame
* PyFrameObject: f_code
* PyGenObject: gi_code, gi_frame
* PyCoroObject: cr_code, cr_frame
* PyAsyncGenObject: ag_code, ag_frame
(cherry picked from commit bb2f3ff7a8f0c3565ccc1946dba7e09a3f7dc209)

Co-authored-by: Steve Dower <steve.dower@python.org>

diff --git a/Doc/library/audit_events.rst b/Doc/library/audit_events.rst
index 367d56e4e37359cd04ee9def5abfb983be568a0f..8227a7955bef8127e03b70faac63bf18bc85e2f6 100644 (file)
--- a/Doc/library/audit_events.rst
+++ b/Doc/library/audit_events.rst
@@ -7,7 +7,7 @@ Audit events table
 
 This table contains all events raised by :func:`sys.audit` or
 :c:func:`PySys_Audit` calls throughout the CPython runtime and the
-standard library.  These calls were added in 3.8.0 or later.
+standard library.  These calls were added in 3.8.0 or later (see :pep:`578`).
 
 See :func:`sys.addaudithook` and :c:func:`PySys_AddAuditHook` for
 information on handling these events.

diff --git a/Doc/library/stdtypes.rst b/Doc/library/stdtypes.rst
index fb500501c8f9ae25dbb7c5baee15e1640d9ae83f..aaef42504aa2555bbfbacda9072d4fdd44c07062 100644 (file)
--- a/Doc/library/stdtypes.rst
+++ b/Doc/library/stdtypes.rst
@@ -4708,6 +4708,9 @@ environment.  Code objects are returned by the built-in :func:`compile` function
 and can be extracted from function objects through their :attr:`__code__`
 attribute. See also the :mod:`code` module.
 
+Accessing ``__code__`` raises an :ref:`auditing event <auditing>`
+``object.__getattr__`` with arguments ``obj`` and ``"__code__"``.
+
 .. index::
    builtin: exec
    builtin: eval

diff --git a/Doc/reference/datamodel.rst b/Doc/reference/datamodel.rst
index f71560d640c5bf6cc263cd7a424663e494ef52dc..bf391ef1ff2c5fd0fc6c043c13908155e7201f59 100644 (file)
--- a/Doc/reference/datamodel.rst
+++ b/Doc/reference/datamodel.rst
@@ -1000,6 +1000,9 @@ Internal types
       :attr:`f_lasti` gives the precise instruction (this is an index into the
       bytecode string of the code object).
 
+      Accessing ``f_code`` raises an :ref:`auditing event <auditing>`
+      ``object.__getattr__`` with arguments ``obj`` and ``"f_code"``.
+
       .. index::
          single: f_trace (frame attribute)
          single: f_trace_lines (frame attribute)
@@ -1084,6 +1087,9 @@ Internal types
       :keyword:`try` statement with no matching except clause or with a
       finally clause.
 
+      Accessing ``tb_frame`` raises an :ref:`auditing event <auditing>`
+      ``object.__getattr__`` with arguments ``obj`` and ``"tb_frame"``.
+
       .. index::
          single: tb_next (traceback attribute)
 

diff --git a/Misc/ACKS b/Misc/ACKS
index 197616d7378f9a2304527639df663d0c260a8503..a265e7e9a7273d3292f7c3221a64c12679175435 100644 (file)
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -696,6 +696,7 @@ Kevan Heydon
 Wouter van Heyst
 Kelsey Hightower
 Jason Hildebrand
+Ryan Hileman
 Aaron Hill
 Joel Hillacre
 Richie Hindle

diff --git a/Misc/NEWS.d/next/Security/2021-01-09-17-07-36.bpo-42800._dtZvW.rst b/Misc/NEWS.d/next/Security/2021-01-09-17-07-36.bpo-42800._dtZvW.rst
new file mode 100644 (file)
index 0000000..d01c0c3
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2021-01-09-17-07-36.bpo-42800._dtZvW.rst
@@ -0,0 +1 @@
+Audit hooks are now fired for frame.f_code, traceback.tb_frame, and generator code/frame attribute access.

diff --git a/Objects/frameobject.c b/Objects/frameobject.c
index a796a59eee9e40afdc6e1fba5d4d07ad0501255e..3abd8e52d859d9e8e3a1e7dbabccd6cf446a6c11 100644 (file)
--- a/Objects/frameobject.c
+++ b/Objects/frameobject.c
@@ -13,7 +13,7 @@
 
 static PyMemberDef frame_memberlist[] = {
     {"f_back",          T_OBJECT,       OFF(f_back),      READONLY},
-    {"f_code",          T_OBJECT,       OFF(f_code),      READONLY},
+    {"f_code",          T_OBJECT,       OFF(f_code),      READONLY|READ_RESTRICTED},
     {"f_builtins",      T_OBJECT,       OFF(f_builtins),  READONLY},
     {"f_globals",       T_OBJECT,       OFF(f_globals),   READONLY},
     {"f_lasti",         T_INT,          OFF(f_lasti),     READONLY},

diff --git a/Objects/genobject.c b/Objects/genobject.c
index ce7dd48a17cfb6ae36b36c99726520942b0a0c72..697947b6ff7db445ad71d6964f5de9f75a1832f5 100644 (file)
--- a/Objects/genobject.c
+++ b/Objects/genobject.c
@@ -708,9 +708,9 @@ static PyGetSetDef gen_getsetlist[] = {
 };
 
 static PyMemberDef gen_memberlist[] = {
-    {"gi_frame",     T_OBJECT, offsetof(PyGenObject, gi_frame),    READONLY},
+    {"gi_frame",     T_OBJECT, offsetof(PyGenObject, gi_frame),    READONLY|READ_RESTRICTED},
     {"gi_running",   T_BOOL,   offsetof(PyGenObject, gi_running),  READONLY},
-    {"gi_code",      T_OBJECT, offsetof(PyGenObject, gi_code),     READONLY},
+    {"gi_code",      T_OBJECT, offsetof(PyGenObject, gi_code),     READONLY|READ_RESTRICTED},
     {NULL}      /* Sentinel */
 };
 
@@ -944,9 +944,9 @@ static PyGetSetDef coro_getsetlist[] = {
 };
 
 static PyMemberDef coro_memberlist[] = {
-    {"cr_frame",     T_OBJECT, offsetof(PyCoroObject, cr_frame),    READONLY},
+    {"cr_frame",     T_OBJECT, offsetof(PyCoroObject, cr_frame),    READONLY|READ_RESTRICTED},
     {"cr_running",   T_BOOL,   offsetof(PyCoroObject, cr_running),  READONLY},
-    {"cr_code",      T_OBJECT, offsetof(PyCoroObject, cr_code),     READONLY},
+    {"cr_code",      T_OBJECT, offsetof(PyCoroObject, cr_code),     READONLY|READ_RESTRICTED},
     {"cr_origin",    T_OBJECT, offsetof(PyCoroObject, cr_origin),   READONLY},
     {NULL}      /* Sentinel */
 };
@@ -1341,10 +1341,12 @@ static PyGetSetDef async_gen_getsetlist[] = {
 };
 
 static PyMemberDef async_gen_memberlist[] = {
-    {"ag_frame",   T_OBJECT, offsetof(PyAsyncGenObject, ag_frame),   READONLY},
+    {"ag_frame",   T_OBJECT, offsetof(PyAsyncGenObject, ag_frame),
+        READONLY|READ_RESTRICTED},
     {"ag_running", T_BOOL,   offsetof(PyAsyncGenObject, ag_running_async),
         READONLY},
-    {"ag_code",    T_OBJECT, offsetof(PyAsyncGenObject, ag_code),    READONLY},
+    {"ag_code",    T_OBJECT, offsetof(PyAsyncGenObject, ag_code),
+        READONLY|READ_RESTRICTED},
     {NULL}      /* Sentinel */
 };
 

diff --git a/Python/traceback.c b/Python/traceback.c
index 0aa51ad37f49e279efa65463b22cd86913f3f786..d8dd8211fb0705c04b85dd4f5b79615aa68dce09 100644 (file)
--- a/Python/traceback.c
+++ b/Python/traceback.c
@@ -148,7 +148,7 @@ static PyMethodDef tb_methods[] = {
 };
 
 static PyMemberDef tb_memberlist[] = {
-    {"tb_frame",        T_OBJECT,       OFF(tb_frame),  READONLY},
+    {"tb_frame",        T_OBJECT,       OFF(tb_frame),  READONLY|READ_RESTRICTED},
     {"tb_lasti",        T_INT,          OFF(tb_lasti),  READONLY},
     {"tb_lineno",       T_INT,          OFF(tb_lineno), READONLY},
     {NULL}      /* Sentinel */