From: Pablo Galindo Salgado <Pablogsal@gmail.com>
Date: Wed, 9 Oct 2024 22:30:56 +0000 (+0100)
Subject: gh-125140: Remove the current directory from sys.path when using pyrepl (GH-125212)
X-Git-Tag: v3.14.0a1~103
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c7d5d1d93b630e352abd9a0c93ea6d34c443f444;p=thirdparty%2FPython%2Fcpython.git

gh-125140: Remove the current directory from sys.path when using pyrepl (GH-125212)

Signed-off-by: Pablo Galindo <pablogsal@gmail.com>
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
---

diff --git a/Lib/site.py b/Lib/site.py
index b3194d79fb5a..07a6361fad44 100644
--- a/Lib/site.py
+++ b/Lib/site.py
@@ -503,9 +503,14 @@ def register_readline():
         if PYTHON_BASIC_REPL:
             CAN_USE_PYREPL = False
         else:
-            import _pyrepl.readline
-            import _pyrepl.unix_console
-            from _pyrepl.main import CAN_USE_PYREPL
+            original_path = sys.path
+            sys.path = [p for p in original_path if p != '']
+            try:
+                import _pyrepl.readline
+                import _pyrepl.unix_console
+                from _pyrepl.main import CAN_USE_PYREPL
+            finally:
+                sys.path = original_path
     except ImportError:
         return
 
diff --git a/Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst b/Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst
new file mode 100644
index 000000000000..f4a493023726
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2024-10-09-20-08-13.gh-issue-125140.YgNWRB.rst
@@ -0,0 +1 @@
+Remove the current directory from ``sys.path`` when using PyREPL.