[3.9] bpo-43439: Add audit hooks for gc functions (GH-24794). (GH-24811)

author Pablo Galindo <Pablogsal@gmail.com>

Wed, 10 Mar 2021 08:50:29 +0000 (08:50 +0000)

committer GitHub <noreply@github.com>

Wed, 10 Mar 2021 08:50:29 +0000 (00:50 -0800)
author Pablo Galindo <Pablogsal@gmail.com>
Wed, 10 Mar 2021 08:50:29 +0000 (08:50 +0000)
committer GitHub <noreply@github.com>
Wed, 10 Mar 2021 08:50:29 +0000 (00:50 -0800)
diff --git a/Doc/library/gc.rst b/Doc/library/gc.rst

index 2d85cd3431711ab603ba517858725c5c06ec0e91..4558081b1dbe8baec17a883371c7ccb193840043 100644 (file)
--- a/Doc/library/gc.rst
+++ b/Doc/library/gc.rst
@@ -72,6 +72,8 @@ The :mod:`gc` module provides the following functions:
     .. versionchanged:: 3.8
        New *generation* parameter.
  
+   .. audit-event:: gc.get_objects generation gc.get_objects
+
  .. function:: get_stats()
  
     Return a list of three per-generation dictionaries containing collection
@@ -140,6 +142,8 @@ The :mod:`gc` module provides the following functions:
     invalid state. Avoid using :func:`get_referrers` for any purpose other than
     debugging.
  
+   .. audit-event:: gc.get_referrers objs gc.get_referrers
+
  
  .. function:: get_referents(*objs)
  
@@ -151,6 +155,7 @@ The :mod:`gc` module provides the following functions:
     be involved in a cycle.  So, for example, if an integer is directly reachable
     from an argument, that integer object may or may not appear in the result list.
  
+   .. audit-event:: gc.get_referents objs gc.get_referents
  
  .. function:: is_tracked(obj)
  
diff --git a/Lib/test/audit-tests.py b/Lib/test/audit-tests.py

index ee6fc93351b753392e317e30cd8c1d85085648fc..8e66594e52429b623eb8f070f861e0b2bb5e816f 100644 (file)
--- a/Lib/test/audit-tests.py
+++ b/Lib/test/audit-tests.py
@@ -323,6 +323,24 @@ def test_socket():
          sock.close()
  
  
+def test_gc():
+    import gc
+
+    def hook(event, args):
+        if event.startswith("gc."):
+            print(event, *args)
+
+    sys.addaudithook(hook)
+
+    gc.get_objects(generation=1)
+
+    x = object()
+    y = [x]
+
+    gc.get_referrers(x)
+    gc.get_referents(y)
+
+
  if __name__ == "__main__":
      from test.support import suppress_msvcrt_asserts
  
diff --git a/Lib/test/test_audit.py b/Lib/test/test_audit.py

index f79edbc4bd0d9fc6493be10d44a41a9e1c153e9c..a9ac6fee446f872c8bce4dd49ede664557a761e2 100644 (file)
--- a/Lib/test/test_audit.py
+++ b/Lib/test/test_audit.py
@@ -115,5 +115,18 @@ class AuditTest(unittest.TestCase):
          self.assertEqual(events[2][0], "socket.bind")
          self.assertTrue(events[2][2].endswith("('127.0.0.1', 8080)"))
  
+    def test_gc(self):
+        returncode, events, stderr = self.run_python("test_gc")
+        if returncode:
+            self.fail(stderr)
+
+        if support.verbose:
+            print(*events, sep='\n')
+        self.assertEqual(
+            [event[0] for event in events],
+            ["gc.get_objects", "gc.get_referrers", "gc.get_referents"]
+        )
+
+
  if __name__ == "__main__":
      unittest.main()
diff --git a/Misc/NEWS.d/next/Security/2021-03-08-23-06-07.bpo-43439.5U3lXm.rst b/Misc/NEWS.d/next/Security/2021-03-08-23-06-07.bpo-43439.5U3lXm.rst

new file mode 100644 (file)

index 0000000..5186503
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2021-03-08-23-06-07.bpo-43439.5U3lXm.rst
@@ -0,0 +1,2 @@
+Add audit hooks for :func:`gc.get_objects`, :func:`gc.get_referrers` and
+:func:`gc.get_referents`. Patch by Pablo Galindo.
diff --git a/Modules/gcmodule.c b/Modules/gcmodule.c

index 56dcb101e0005e55b0f1ca132b218d1c9f8c2cc8..52443debb12503094c982b83af13c94d5a2a83ef 100644 (file)
--- a/Modules/gcmodule.c
+++ b/Modules/gcmodule.c
@@ -1674,6 +1674,11 @@ gc_get_referrers(PyObject *self, PyObject *args)
  {
      PyThreadState *tstate = _PyThreadState_GET();
      int i;
+
+    if (PySys_Audit("gc.get_referrers", "O", args) < 0) {
+        return NULL;
+    }
+
      PyObject *result = PyList_New(0);
      if (!result) {
          return NULL;
@@ -1704,6 +1709,9 @@ static PyObject *
  gc_get_referents(PyObject *self, PyObject *args)
  {
      Py_ssize_t i;
+    if (PySys_Audit("gc.get_referents", "O", args) < 0) {
+        return NULL;
+    }
      PyObject *result = PyList_New(0);
  
      if (result == NULL)
@@ -1746,6 +1754,10 @@ gc_get_objects_impl(PyObject *module, Py_ssize_t generation)
      PyObject* result;
      GCState *gcstate = &tstate->interp->gc;
  
+    if (PySys_Audit("gc.get_objects", "n", generation) < 0) {
+        return NULL;
+    }
+
      result = PyList_New(0);
      if (result == NULL) {
          return NULL;
author	Pablo Galindo <Pablogsal@gmail.com>
	Wed, 10 Mar 2021 08:50:29 +0000 (08:50 +0000)
committer	GitHub <noreply@github.com>
	Wed, 10 Mar 2021 08:50:29 +0000 (00:50 -0800)
Doc/library/gc.rst		patch \| blob \| blame \| history
Lib/test/audit-tests.py		patch \| blob \| blame \| history
Lib/test/test_audit.py		patch \| blob \| blame \| history
Misc/NEWS.d/next/Security/2021-03-08-23-06-07.bpo-43439.5U3lXm.rst	[new file with mode: 0644]	patch \| blob
Modules/gcmodule.c		patch \| blob \| blame \| history