gh-97616: list_resize() checks for integer overflow (GH-97617)
Fix multiplying a list by an integer (list *= int): detect the
integer overflow when the new allocated length is close to the
maximum size. Issue reported by Jordan Limor.
list_resize() now checks for integer overflow before multiplying the
new allocated length by the list item size (sizeof(PyObject*)).
(cherry picked from commit a5f092f3c469b674b8d9ccbd4e4377230c9ac7cf)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-73588: Fix generation of the default name of tkinter.Checkbutton. (GH-97547)
Previously, checkbuttons in different parent widgets could have the same
short name and share the same state if arguments "name" and "variable" are
not specified. Now they are globally unique.
(cherry picked from commit adbed2d542a815b8175db965742211856b19b52f)
Use HTTPS for documents which are available by both HTTP and HTTPS
links, but there is no redirection from HTTP to HTTPS or vice versa.
(cherry picked from commit dd53b79de0ea98af6a11481217a961daef4e9774)
Fix command line parsing: reject "-X int_max_str_digits" option with
no value (invalid) when the PYTHONINTMAXSTRDIGITS environment
variable is set to a valid limit.
(cherry picked from commit 41351662bcd21672d8ccfa62fe44d72027e6bcf8)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-96052: codeop: fix handling compiler warnings in incomplete input (GH-96132)
Previously codeop.compile_command() emitted compiler warnings (SyntaxWarning or
DeprecationWarning) and raised a SyntaxError for incomplete input containing
a potentially incorrect code. Now it always returns None for incomplete input
without emitting any warnings.
(cherry picked from commit 426d72e7ddb0af5cf851914ac75127186dd1ff04)
gh-97527: IDLE: protect macosx Tk() call when no GUI (GH-97530)
Only call tkinter.tk and its follow-up code in _init_tk_type when requires('gui')
does not raise. This function can be called as an unintended side-effect of
calling other idlelib code as part of tests on macOS without a GUI enabled.
(cherry picked from commit 9704f8da333a51da32318f16106d45abb20fab76)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
gh-90155: Fix bug in asyncio.Semaphore and strengthen FIFO guarantee (GH-93222)
The main problem was that an unluckily timed task cancellation could cause
the semaphore to be stuck. There were also doubts about strict FIFO ordering
of tasks allowed to pass.
The Semaphore implementation was rewritten to be more similar to Lock.
Many tests for edge cases (including cancellation) were added.
(cherry picked from commit 24e03796248ab8c7f62d715c28156abe2f1c0d20)
[3.10] gh-96954: Add tests for unicodedata.name/lookup (GH-96955) (GH-96992)
They were undertested, and since GH-96954 might involve a
rewrite of this part of the code we want to ensure that
there won't be any behavioral change.
[3.10] gh-68966: Make mailcap refuse to match unsafe filenames/types/params (GH-91993) (GH-93543)
* gh-68966: Make mailcap refuse to match unsafe filenames/types/params (GH-91993)
(cherry picked from commit b9509ba7a9c668b984dab876c7926fe1dc5aa0ba)
* Add a What's New entry for 3.10.8.
Co-authored-by: Petr Viktorin <encukou@gmail.com> Co-authored-by: Gregory P. Smith <greg@krypto.org>
gh-96387: take_gil() resets drop request before exit (GH-96869) (GH-96941)
At Python exit, sometimes a thread holding the GIL can wait forever
for a thread (usually a daemon thread) which requested to drop the
GIL, whereas the thread already exited. To fix the race condition,
the thread which requested the GIL drop now resets its request before
exiting.
take_gil() now calls RESET_GIL_DROP_REQUEST() before
PyThread_exit_thread() if it called SET_GIL_DROP_REQUEST to fix a
race condition with drop_gil().
gh-95778: Mention sys.set_int_max_str_digits() in error message (GH-96874)
When ValueError is raised if an integer is larger than the limit,
mention sys.set_int_max_str_digits() in the error message.
(cherry picked from commit e841ffc915e82e5ea6e3b473205417d63494808d)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-94972: document that shield users need to keep a reference to their task (GH-96724)
Co-authored-by: Thomas Grainger <tagrain@gmail.com> Co-authored-by: Guido van Rossum <gvanrossum@gmail.com>
(cherry picked from commit 6281affee6423296893b509cd78dc563ca58b196)
Co-authored-by: Hendrik Makait <hendrik.makait@gmail.com>
gh-96710: Make the test timing more lenient for the int/str DoS regression test. (GH-96717)
A regression would still absolutely fail and even a flaky pass isn't
harmful as it'd fail most of the time across our N system test runs.
Windows has a low resolution timer and CI systems are prone to odd
timing so this just gives more leeway to avoid flakiness.
(cherry picked from commit 11e3548fd1d3445ccde971d613633b58d73c3016)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
gh-96652: Fix faulthandler chained signal without sigaction() (GH-96666)
Fix the faulthandler implementation of faulthandler.register(signal,
chain=True) if the sigaction() function is not available: don't call
the previous signal handler if it's NULL.
(cherry picked from commit c580a81af91af4b9df85e466f8b48c3c9c86c3df)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-92986: Fix ast.unparse when ImportFrom.level is None (GH-92992)
This doesn't happen naturally, but is allowed by the ASDL and compiler.
We don't want to change ASDL for backward compatibility reasons
(GH-57645, GH-92987)
(cherry picked from commit 200c9a8da0e2b892c476807e986009c01327e781)
[3.10] gh-95778: Correctly pre-check for int-to-str conversion (GH-96537) (#96563)
Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =)
The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact.
The justification for the current check. The C code check is:
```c
max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10
```
In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is:
$$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$
From this it follows that
$$\frac{M}{3L} < \frac{s-1}{10}$$
hence that
$$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$
So
$$2^{L(s-1)} > 10^M.$$
But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check.
bpo-30419: DOC: Update missing information in bdb docs (GH-1687)
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com> Co-authored-by: Martin Panter <vadmium@users.noreply.github.com> Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
(cherry picked from commit ccce9b77e1f599e05425eadc0cc372d142fe05e0)
[3.10] gh-95778: CVE-2020-10735: Prevent DoS by very large int() (#96501)
Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org> Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
gh-95231: Disable md5 & crypt modules if FIPS is enabled (GH-94742)
If kernel fips is enabled, we get permission error upon doing
`import crypt`. So, if kernel fips is enabled, disable the
unallowed hashing methods.
Python 3.9.1 (default, May 10 2022, 11:36:26)
[GCC 10.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import crypt
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.9/crypt.py", line 117, in <module>
_add_method('MD5', '1', 8, 34)
File "/usr/lib/python3.9/crypt.py", line 94, in _add_method
result = crypt('', salt)
File "/usr/lib/python3.9/crypt.py", line 82, in crypt
return _crypt.crypt(word, salt)
PermissionError: [Errno 1] Operation not permitted
[3.10] gh-95432: Add doctests for the sqlite3 docs (GH-96225) (#96379)
As a consequence of the added test, this commit also includes
fixes for broken examples.
- Add separate namespace for trace tests bco. module level callback
- Move more backup and cursor examples under separate namespaces.
(cherry picked from commit bf9259776dff5348bc854983409ea68618c1f174)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
gh-96021: Explicitly tear down the IsolatedAsyncioTestCase loop in tests (GH-96135) (GH-96235)
Tests for IsolatedAsyncioTestCase.debug() rely on the runner be closed
in __del__. It makes tests depending on the GC an unreliable on other
implementations. It is better to tear down the loop explicitly even if
currently there is no a public API for this.
(cherry picked from commit 4de06e3cc0a58d73934f9a2759ad9cd2f6b031b0)
GH-96179: Fix misleading example on the bisect documentation (GH-96228)
The `movies[bisect(movies, 1960, key=by_year)]` will actually return only movies **after** 1960.
(cherry picked from commit 4317b25a2323ae4be04574e45de0e335c571c463)
projects / thirdparty / Python / cpython.git / log
