| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
| |
Reason: we were too hasty in deprecating this.
We shouldn't deprecate it before we have a replacement.
(cherry picked from commit 09de8d7aafece264720afbca3052a63eee413b73)
Co-authored-by: Guido van Rossum <guido@python.org>
|
| |
|
|
|
|
|
|
|
| |
On Windows, when the Python test suite is run with the -jN option,
the ANSI code page is now used as the encoding for the stdout
temporary file, rather than using UTF-8 which can lead to decoding
errors.
(cherry picked from commit ec1f6f5f139868dc2c1116a7c7c878c38c668d53)
Co-authored-by: Victor Stinner <vstinner@python.org>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix multiplying a list by an integer (list *= int): detect the
integer overflow when the new allocated length is close to the
maximum size. Issue reported by Jordan Limor.
list_resize() now checks for integer overflow before multiplying the
new allocated length by the list item size (sizeof(PyObject*)).
(cherry picked from commit a5f092f3c469b674b8d9ccbd4e4377230c9ac7cf)
Co-authored-by: Victor Stinner <vstinner@python.org>
|
| |
|
|
|
| |
(cherry picked from commit 68c46ae68b6e0c36a12e37285fff9ce0782ed01e)
Co-authored-by: Cyker Way <cykerway@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The main problem was that an unluckily timed task cancellation could cause
the semaphore to be stuck. There were also doubts about strict FIFO ordering
of tasks allowed to pass.
The Semaphore implementation was rewritten to be more similar to Lock.
Many tests for edge cases (including cancellation) were added.
(cherry picked from commit 24e03796248ab8c7f62d715c28156abe2f1c0d20)
Co-authored-by: Cyker Way <cykerway@gmail.com>
|
| |
|
|
|
|
|
|
| |
Fix command line parsing: reject "-X int_max_str_digits" option with
no value (invalid) when the PYTHONINTMAXSTRDIGITS environment
variable is set to a valid limit.
(cherry picked from commit 41351662bcd21672d8ccfa62fe44d72027e6bcf8)
Co-authored-by: Victor Stinner <vstinner@python.org>
|
| |
|
|
|
|
|
|
|
|
| |
* gh-96821: Assert for demonstrating undefined behaviour
* Fix UB
(cherry picked from commit cbdeda8ce7a3543cb3376d70e4cd46fcf24f42a7)
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Matthias Görgens <matthias.goergens@gmail.com>
|
| |
|
|
|
|
|
| |
When ValueError is raised if an integer is larger than the limit,
mention sys.set_int_max_str_digits() in the error message.
(cherry picked from commit e841ffc915e82e5ea6e3b473205417d63494808d)
Co-authored-by: Victor Stinner <vstinner@python.org>
|
| |
|
|
|
|
|
| |
matching UUIDs with official releases (GH-96755)
(cherry picked from commit 662782e95f97d26bd57b3edc6aaf674e30899f44)
Co-authored-by: adang1345 <adang1345@gmail.com>
|
| |
|
|
|
|
|
| |
(GH-96588) (#96591)
(cherry picked from commit 2c7d2e8d46164efb6e27a64081d8e949f6876515)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(GH-97944) (#97969)
The macOS 13 SDK includes support for the `mkfifoat` and `mknodat` system calls.
Using the `dir_fd` option with either `os.mkfifo` or `os.mknod` could result in a
segfault if cpython is built with the macOS 13 SDK but run on an earlier
version of macOS. Prevent this by adding runtime support for detection of
these system calls ("weaklinking") as is done for other newer syscalls on
macOS.
(cherry picked from commit 6d0a0191a4e5477bd843e62c24d7f3bcad4fd5fc)
Co-authored-by: Ned Deily <nad@python.org>
|
| |
|
|
|
| |
(cherry picked from commit b44372e03c5461b6ad3d89763a9eb6cb82df07a4)
Co-authored-by: Ethan Furman <ethan@stoneleaf.us>
|
| | |
|
| |
|
|
|
|
|
| |
(GH-98460)
(cherry picked from commit 4bd63f66cd4f6e8d549f88ae0f4b0106d522b6bb)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| |
|
|
|
| |
generator/coroutine frames (GH-97812)
(cherry picked from commit 93fcc1f4133e177882850177c2c047d46019b812)
|
| |
|
|
|
|
|
| |
argv[0] in virtual environments (GH-98462)
(cherry picked from commit e48f9b2b7e73f4a89a9b9c287f3b93dc13a60460)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(GH-98501) (GH-98502)
Linux abstract sockets are insecure as they lack any form of filesystem
permissions so their use allows anyone on the system to inject code into
the process.
This removes the default preference for abstract sockets in
multiprocessing introduced in Python 3.9+ via
https://github.com/python/cpython/pull/18866 while fixing
https://github.com/python/cpython/issues/84031.
Explicit use of an abstract socket by a user now generates a
RuntimeWarning. If we choose to keep this warning, it should be
backported to the 3.7 and 3.8 branches.
(cherry picked from commit 49f61068f49747164988ffc5a442d2a63874fc17)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Automerge-Triggered-By: GH:gpshead
|
| |
|
|
|
| |
PyFrameObject (GH-98002)
(cherry picked from commit 21a2d9ff550977f2668e2cf1cc15793bf27fa109)
|
| |
|
|
|
| |
(cherry picked from commit 8fd2c3b75b90c4ee391894aa5094615bbdb6242f)
Co-authored-by: Brandt Bucher <brandtbucher@microsoft.com>
|
| |
|
|
|
|
|
|
|
|
| |
(GH-93031) (GH-97666)
Use SyntaxError invalid range in tutorial introduction example (GH-93031)
Use output from a 3.10+ REPL, showing invalid range, for the
SyntaxError examples in the tutorial introduction page.
Co-authored-by: Eddie Hebert <eddie@eddiehebert.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* gh-97740: Fix bang in Sphinx C domain ref target syntax
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
* Add NEWS entry for C domain bang fix
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
(cherry picked from commit 9148c0d893c7807331fd7be0997261e289074bc5)
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
|
| |
|
|
|
|
|
|
| |
I was perusing this file, and noticed that this part of the documentation is slightly out of date: the `struct` items in this TOML file currently contain `struct_abi_kind` members, which distinguish between the different types of ABI compatibility described in the comment.
I've updated the comment to reflect this.
(cherry picked from commit 6e533088290b909df324615df24286489603989f)
Co-authored-by: William Woodruff <william@yossarian.net>
|
| |
|
|
|
|
| |
(GH-97775) (#97873)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
| |
type>) (GH-97768) (#97924)
:c:type:`<C type>` -> :c:expr:`<C type>`
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
(cherry picked from commit 0031e62973801d34a9e19ab7bb199e9668e32d7b)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
|
| |
|
|
|
|
| |
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
(cherry picked from commit 2b5f1360ead9aa72ae00de59edfd6c229d13933f)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
|
| | |
|
| |
|
|
|
| |
(cherry picked from commit 50a70a083d34305a52fac4f5901bff2ead152d68)
Co-authored-by: Mark Shannon <mark@hotpy.org>
|
| |
|
|
|
| |
(cherry picked from commit 88a7f661ca02c0eb76b8f19234b8293b70f171e2)
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
|
| |
|
|
|
| |
Co-authored-by: Brandt Bucher <brandtbucher@gmail.com>
(cherry picked from commit aa3b4cf779b3dddb84e094879b91703354910d8c)
|
| | |
|
| |
|
|
|
|
|
| |
(GH-96353)
(cherry picked from commit b9634ac776c24bc4d4a57859d884a94cdfe16043)
Co-authored-by: philg314 <110174000+philg314@users.noreply.github.com>
|
| |
|
|
|
|
| |
(GH-25619) (#96556)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
|
| |
|
| |
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
| |
|
|
|
|
|
|
| |
Fix the faulthandler implementation of faulthandler.register(signal,
chain=True) if the sigaction() function is not available: don't call
the previous signal handler if it's NULL.
(cherry picked from commit c580a81af91af4b9df85e466f8b48c3c9c86c3df)
Co-authored-by: Victor Stinner <vstinner@python.org>
|
| |
|
|
|
|
|
|
| |
This makes tokenizer.c:valid_utf8 match stringlib/codecs.h:decode_utf8.
It also fixes an off-by-one error introduced in 3.10 for the line number when the tokenizer reports bad UTF8.
(cherry picked from commit 8bc356a7dd50cbdb46d10b8c7e457832431f5d9e)
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 4114bcc9ef7595a07196bcecf9c7d6d39f57f64d)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| |
|
|
|
| |
(cherry picked from commit 2fd7246e97c8cc09b4e3f22933693f9d68f08163)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
|
| |
|
|
|
| |
(cherry picked from commit 05692c67c51b78a5a5a7bb61d646519025e38015)
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 67444902a0f10419a557d0a2d3b8675c31b075a9)
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
(#96617)
(cherry picked from commit 95e271b2266b8f2e7b60ede86ccf3ede4a7f83eb)
Co-authored-by: Mark Shannon <mark@hotpy.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(GH-96593)
This doesn't happen naturally, but is allowed by the ASDL and compiler.
We don't want to change ASDL for backward compatibility reasons
(GH-57645, GH-92987)
(cherry picked from commit 200c9a8da0e2b892c476807e986009c01327e781)
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
and adds What's New section (GH-96595)
(cherry picked from commit 80a9bd2e94b1759a7669fa811ed3526eb137c92d)
Co-authored-by: Steve Dower <steve.dower@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =)
The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact.
The justification for the current check. The C code check is:
```c
max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10
```
In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is:
$$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$
From this it follows that
$$\frac{M}{3L} < \frac{s-1}{10}$$
hence that
$$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$
So
$$2^{L(s-1)} > 10^M.$$
But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check.
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
(cherry picked from commit b126196838bbaf5f4d35120e0e6bcde435b0b480)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
|
| |
|
|
|
|
| |
accross -> across
(cherry picked from commit 6adb89f50a0b032e0264cb3cd400a71c0fe6e0f8)
Co-authored-by: Ikko Ashimine <eltociear@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
This backports https://github.com/python/cpython/pull/96499 aka 511ca9452033ef95bc7d7fc404b8161068226002
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
|
| |
|
|
|
|
|
|
|
| |
(#96395)
(cherry picked from commit e5b2453e61ba5376831093236d598ef5f9f1de61)
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
| |
(GH-96323) (#96344)
(cherry picked from commit e860e521ec0d84e175269aeb15cf24bd6053ad17)
Co-authored-by: Kirill <iam@python273.pw>
Co-authored-by: Kirill <iam@python273.pw>
|
| |
|
|
|
|
|
| |
(cherry picked from commit 75177358a62afeabd1d3aa0e9f395c2b9d4495ca)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
|
