gh-94732: Fix KeyboardInterrupt race in asyncio run_forever() (GH-97765)
Ensure that the event loop's `_thread_id` attribute and the asyncgen hooks set by `sys.set_asyncgen_hooks()` are always restored no matter where a KeyboardInterrupt exception is raised.
(cherry picked from commit 3a49dbb98ccc1b90554ed181386316efa38adfba)
[3.10] gh-97728: Argument Clinic: Fix uninitialized variable in the Py_UNICODE converter (GH-97729) (GH-97760)
It affects function os.system() on Windows and Windows-specific modules
winreg, _winapi, _overlapped, and _msi.
(cherry picked from commit 0ee9619a4cba58730c45e65d22288fadbf7680de)
gh-97607: Fix content parsing in the impl-detail reST directive (GH-97652)
* Don't parse content as arg in the impl-detail directive
This does not change the (untranslated) output,
but ensures that the doctree node metadata is correct.
which fixes gh-97607 with the text not being translated.
It also simplifies the code and logic
and makes it consistant with the docutils built-in directives.
* Remove unused branch from impl-detail directive handling no-content case
This is not used anywhere in the docs and lacks a clear use case,
and is more likely a mistake which is now flagged at build time.
This simplifies the logic from two code paths to one,
and makes the behavior consistant with similar built-in directives
(e.g. the various admonition types).
gh-95588: Drop the safety claim from `ast.literal_eval` docs. (GH-95919)
It was never really safe and this claim conflicts directly with the big warning in the docs about it being able to crash the interpreter.
(cherry picked from commit 8baef8ae367041a5cfefb40b19c7b87e9bcb56a2)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
GH-96827: Don't touch closed loops from executor threads (GH-96837)
* When chaining futures, skip callback if loop closed.
* When shutting down an executor, don't wake a closed loop.
(cherry picked from commit e9d63760fea8748638f6e495b5b07bd1805c9591)
Co-authored-by: Guido van Rossum <guido@python.org>
This documents the behavior that has always been the case since timeout
support was introduced in Python 3.3.
(cherry picked from commit b05dd796492160c37c9e15e3882f699f411b3461)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
gh-97612: Fix shell injection in get-remote-certificate.py (GH-97613)
Fix a shell code injection vulnerability in the
get-remote-certificate.py example script. The script no longer uses a
shell to run "openssl" commands. Issue reported and initial fix by
Caleb Shortt.
Remove the Windows code path to send "quit" on stdin to the "openssl
s_client" command: use DEVNULL on all platforms instead.
gh-97616: list_resize() checks for integer overflow (GH-97617)
Fix multiplying a list by an integer (list *= int): detect the
integer overflow when the new allocated length is close to the
maximum size. Issue reported by Jordan Limor.
list_resize() now checks for integer overflow before multiplying the
new allocated length by the list item size (sizeof(PyObject*)).
(cherry picked from commit a5f092f3c469b674b8d9ccbd4e4377230c9ac7cf)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-73588: Fix generation of the default name of tkinter.Checkbutton. (GH-97547)
Previously, checkbuttons in different parent widgets could have the same
short name and share the same state if arguments "name" and "variable" are
not specified. Now they are globally unique.
(cherry picked from commit adbed2d542a815b8175db965742211856b19b52f)
Use HTTPS for documents which are available by both HTTP and HTTPS
links, but there is no redirection from HTTP to HTTPS or vice versa.
(cherry picked from commit dd53b79de0ea98af6a11481217a961daef4e9774)
Fix command line parsing: reject "-X int_max_str_digits" option with
no value (invalid) when the PYTHONINTMAXSTRDIGITS environment
variable is set to a valid limit.
(cherry picked from commit 41351662bcd21672d8ccfa62fe44d72027e6bcf8)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-96052: codeop: fix handling compiler warnings in incomplete input (GH-96132)
Previously codeop.compile_command() emitted compiler warnings (SyntaxWarning or
DeprecationWarning) and raised a SyntaxError for incomplete input containing
a potentially incorrect code. Now it always returns None for incomplete input
without emitting any warnings.
(cherry picked from commit 426d72e7ddb0af5cf851914ac75127186dd1ff04)
gh-97527: IDLE: protect macosx Tk() call when no GUI (GH-97530)
Only call tkinter.tk and its follow-up code in _init_tk_type when requires('gui')
does not raise. This function can be called as an unintended side-effect of
calling other idlelib code as part of tests on macOS without a GUI enabled.
(cherry picked from commit 9704f8da333a51da32318f16106d45abb20fab76)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
gh-90155: Fix bug in asyncio.Semaphore and strengthen FIFO guarantee (GH-93222)
The main problem was that an unluckily timed task cancellation could cause
the semaphore to be stuck. There were also doubts about strict FIFO ordering
of tasks allowed to pass.
The Semaphore implementation was rewritten to be more similar to Lock.
Many tests for edge cases (including cancellation) were added.
(cherry picked from commit 24e03796248ab8c7f62d715c28156abe2f1c0d20)
[3.10] gh-96954: Add tests for unicodedata.name/lookup (GH-96955) (GH-96992)
They were undertested, and since GH-96954 might involve a
rewrite of this part of the code we want to ensure that
there won't be any behavioral change.
[3.10] gh-68966: Make mailcap refuse to match unsafe filenames/types/params (GH-91993) (GH-93543)
* gh-68966: Make mailcap refuse to match unsafe filenames/types/params (GH-91993)
(cherry picked from commit b9509ba7a9c668b984dab876c7926fe1dc5aa0ba)
* Add a What's New entry for 3.10.8.
Co-authored-by: Petr Viktorin <encukou@gmail.com> Co-authored-by: Gregory P. Smith <greg@krypto.org>
gh-96387: take_gil() resets drop request before exit (GH-96869) (GH-96941)
At Python exit, sometimes a thread holding the GIL can wait forever
for a thread (usually a daemon thread) which requested to drop the
GIL, whereas the thread already exited. To fix the race condition,
the thread which requested the GIL drop now resets its request before
exiting.
take_gil() now calls RESET_GIL_DROP_REQUEST() before
PyThread_exit_thread() if it called SET_GIL_DROP_REQUEST to fix a
race condition with drop_gil().
gh-95778: Mention sys.set_int_max_str_digits() in error message (GH-96874)
When ValueError is raised if an integer is larger than the limit,
mention sys.set_int_max_str_digits() in the error message.
(cherry picked from commit e841ffc915e82e5ea6e3b473205417d63494808d)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-94972: document that shield users need to keep a reference to their task (GH-96724)
Co-authored-by: Thomas Grainger <tagrain@gmail.com> Co-authored-by: Guido van Rossum <gvanrossum@gmail.com>
(cherry picked from commit 6281affee6423296893b509cd78dc563ca58b196)
Co-authored-by: Hendrik Makait <hendrik.makait@gmail.com>
gh-96710: Make the test timing more lenient for the int/str DoS regression test. (GH-96717)
A regression would still absolutely fail and even a flaky pass isn't
harmful as it'd fail most of the time across our N system test runs.
Windows has a low resolution timer and CI systems are prone to odd
timing so this just gives more leeway to avoid flakiness.
(cherry picked from commit 11e3548fd1d3445ccde971d613633b58d73c3016)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
gh-96652: Fix faulthandler chained signal without sigaction() (GH-96666)
Fix the faulthandler implementation of faulthandler.register(signal,
chain=True) if the sigaction() function is not available: don't call
the previous signal handler if it's NULL.
(cherry picked from commit c580a81af91af4b9df85e466f8b48c3c9c86c3df)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-92986: Fix ast.unparse when ImportFrom.level is None (GH-92992)
This doesn't happen naturally, but is allowed by the ASDL and compiler.
We don't want to change ASDL for backward compatibility reasons
(GH-57645, GH-92987)
(cherry picked from commit 200c9a8da0e2b892c476807e986009c01327e781)
[3.10] gh-95778: Correctly pre-check for int-to-str conversion (GH-96537) (#96563)
Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =)
The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact.
The justification for the current check. The C code check is:
```c
max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10
```
In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is:
$$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$
From this it follows that
$$\frac{M}{3L} < \frac{s-1}{10}$$
hence that
$$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$
So
$$2^{L(s-1)} > 10^M.$$
But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check.
bpo-30419: DOC: Update missing information in bdb docs (GH-1687)
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com> Co-authored-by: Martin Panter <vadmium@users.noreply.github.com> Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
(cherry picked from commit ccce9b77e1f599e05425eadc0cc372d142fe05e0)
[3.10] gh-95778: CVE-2020-10735: Prevent DoS by very large int() (#96501)
Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org> Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
projects / thirdparty / Python / cpython.git / log
