| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When called on a closed object, readinto() segfaults on account
of a write to a freed buffer:
==220553== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==220553== Access not within mapped region at address 0x2A
==220553== at 0x48408A0: memmove (vg_replace_strmem.c:1272)
==220553== by 0x58DB0C: _buffered_readinto_generic (bufferedio.c:972)
==220553== by 0x58DCBA: _io__Buffered_readinto_impl (bufferedio.c:1053)
==220553== by 0x58DCBA: _io__Buffered_readinto (bufferedio.c.h:253)
Reproducer:
reader = open ("/dev/zero", "rb")
_void = reader.read (42)
reader.close ()
reader.readinto (bytearray (42)) GH-GH-GH- BANG!
The problem exists since 2012 when commit dc469454ec added code
to free the read buffer on close().
Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
(cherry picked from commit cb1c0746f277052e45a60d6c436a765e34722821)
Co-authored-by: Philipp Gesang <phg@phi-gamma.net>
Co-authored-by: Philipp Gesang <phg@phi-gamma.net>
|
| |
|
|
|
|
|
|
| |
(GH-18118) (GH-18146)
(cherry picked from commit 79f89e6e5a659846d1068e8b1bd8e491ccdef861)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
|
| |
|
|
| |
Fixes CVE-2019-15903. See full changelog at https://github.com/libexpat/libexpat/blob/R_2_2_8/expat/Changes..
(cherry picked from commit 52b940803860e37bcc3f6096b2d24e7c20a0e807)
|
| |
|
|
|
| |
(cherry picked from commit 2cd07920bb7d2d319999394092190f37935dc421)
Co-authored-by: Benjamin Peterson <benjamin@python.org>
|
| |
|
|
|
| |
(cherry picked from commit 3b03b09fc94425915c5b1225e9200a3a95bc827b)
Co-authored-by: Benjamin Peterson <benjamin@python.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue35746
(cherry picked from commit a37f52436f9aa4b9292878b72f3ff1480e2606c3)
Co-authored-by: Christian Heimes <christian@python.org>
|
| |
|
|
|
|
|
| |
Modules/_sha3/cleanup.py (GH-11413)
(cherry picked from commit d466c43e55cd32af84e353f0e9a48b09b7534f61)
Co-authored-by: Mickaël Schoentgen <contact@tiger-222.fr>
|
| |
|
|
|
|
|
|
| |
(GH-11047) (GH-11107) (GH-11108)
(cherry picked from commit bb86bf4c4eaa30b1f5192dab9f389ce0bb61114d)
(cherry picked from commit 3cae16d2e98ffaa89ddd311df70a857dfaff4020)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
| |
|
|
|
|
| |
(GH-11077) (GH-11106)
(cherry picked from commit 8905fcc85a6fc3ac394bc89b0bbf40897e9497a6)
|
| |
|
|
|
| |
(cherry picked from commit b6ef6f69a9afc979640a5f9883f799de1364bff7)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Include <pyconfig.h> ealier in Modules/expat/xmltok.c to define
properly _POSIX_C_SOURCE. Python defines _POSIX_C_SOURCE as 200809L,
whereas <features.h> (included indirectly by <string.h>) defines
_POSIX_C_SOURCE as 199506L.
(cherry picked from commit cf247359d5b7082044eea1fa94b5211a172b1ff6)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The length check for AF_ALG salg_name and salg_type had a off-by-one
error. The code assumed that both values are not necessarily NULL
terminated. However the Kernel code for alg_bind() ensures that the last
byte of both strings are NULL terminated.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 2eb6ad8578fa9d764c21a92acd8e054e3202ad19)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In _localemodule.c and selectmodule.c, remove dead code that would
cause double decrefs if run.
In addition, replace PyList_SetItem() with PyList_SET_ITEM() in cases
where a new list is populated and there is no possibility of an error.
In addition, check if the list changed size in the loop in array_array_fromlist().
(cherry picked from commit 99d56b53560b3867844472ae381fb3f858760621)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
(GH-11015) (GH-11020) (GH-11026)
(cherry picked from commit 4c49da0cb7434c676d70b9ccf38aca82ac0d64a9)
(cherry picked from commit 602d307ac5e8a2da38a193dca3bdfef5994dfe67)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
|
|
|
| |
2. (GH-11017) (GH-11022) (GH-11024)
encoding='latin1' should be used for successful decoding.
(cherry picked from commit 8452ca15f41061c8a6297d7956df22ab476d4df4)
(cherry picked from commit 0d5730e6437b157f4aeaf5d2e67abca23448c29a)
|
| |
|
|
|
|
|
| |
character. (GH-10863)
(cherry picked from commit 3ffa8b9ba190101f674a0e524e482a83ed09cccd)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
(GH-9165). (GH-10947) (GH-10954)
(cherry picked from commit 34c7f0c04e2b4e715b2c3df1875af8939fbe7d0b)
(cherry picked from commit ac8b47c8b4edd59aaee857717d434df52ec49e6c)
Co-authored-by: William Grzybowski <wg@FreeBSD.org>
|
| |
|
|
|
|
|
|
|
| |
(GH-8113). (GH-10946) (GH-10952)
(cherry picked from commit 5b25f1d03100e2283c1b129d461ba68ac0169a14)
(cherry picked from commit 1de91a0032fed500ddd3d8c4fb7a38c0b8719f67)
Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
select() calls are retried on EINTR (per PEP 475). However, if a
timeout was provided and the deadline has passed after running the
signal handlers, rlist, wlist and xlist should be cleared since select(2)
left them unmodified.
(cherry picked from commit 7f52415a6d4841d77d3b7853e83b25a22e0048dc)
Co-authored-by: Oran Avraham <252748+oranav@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
save_reduce(). (GH-9886)
(cherry picked from commit 25d389789c59a52a31770f7c50ce9e02a8909190)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* bpo-35373: Fix PyInit_timezone() error handling
PyInit_timezone() now returns -1 at exit if an exception is raised.
Check also explicitly PyUnicode_DecodeLocale() and Py_BuildValue()
errors.
* bpo-35373: Fix PyInit_time() error handling (GH-10865)
* PyInit_time() now returns NULL if an exception is raised.
* Rename PyInit_timezone() to init_timezone(). "PyInit_" prefix is
a special prefix for function initializing a module.
init_timezone() doesn't initialize a module and the function is not
exported.
(cherry picked from commit 3bb150d8148e3cc08418077a58f43e064b9fde61)
(cherry picked from commit 5eb78c75128187a36d8e983027632fa51cc2ff4d)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
|
| |
|
|
|
|
|
|
| |
PyCArg_repr(). (GH-10853)
Use "ll" instead of the nonstandard "q".
(cherry picked from commit 062cbb67726f26794b1b461853e40696b4a0b220)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
| |
(cherry picked from commit 32bc11c33cf5ccea165b5f4ac3799f02fdf9c76a)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
get_gmtoff() now returns time_t instead of int to fix the following
Visual Studio warning:
Modules\timemodule.c(1183): warning C4244: 'return':
conversion from 'time_t' to 'int', possible loss of data
(cherry picked from commit 503ce5c482cb267b0770bc46c315d5cf822bdca9)
|
| |
|
|
|
| |
(cherry picked from commit a2e3585e79c93b2372dbad46a744e28fcc6dad6d)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
|
| |
(cherry picked from commit 81524022d0c0df7a41f9b2b2df41e2ebe140e610)
(cherry picked from commit ad8ac54aa3d2323bdb5feb5e858a922840358187)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
| |
|
|
|
|
| |
(GH-10749)
Fix also return type for few other functions (clear, releasebuffer).
(cherry picked from commit d4f9cf5545d6d8844e0726552ef2e366f5cc3abd)
|
| |
|
|
|
| |
(cherry picked from commit 5b83ef71d3060e1651d3680e805f13a1049c7d6d)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* bpo-35189: Fix eintr_tester.py (GH-10637)
Call setitimer() before each test method, instead of once per test
case, to ensure that signals are sent in each test method.
Previously, only the first method of a testcase class got signals.
Changes:
* Replace setUpClass() with setUp() and replace tearDownClass() with
tearDown().
* tearDown() now ensures that at least one signal has been sent.
* Replace support.run_unittest() with unittest.main() which has
a nicer CLI and automatically discover test cases.
(cherry picked from commit aac1f81eef971876ba5b1673db9ce6620311c469)
* bpo-35189: Retry fnctl calls on EINTR (GH-10413)
Modify the following fnctl function to retry if interrupted by a signal
(EINTR): flock, lockf, fnctl.
(cherry picked from commit b409ffa848b280c1db1b4f450bfae14f263099ac)
Co-Authored-By: nierob <nierob@users.noreply.github.com>
(cherry picked from commit 56742f1eb05401a27499af0ccdcb4e4214859fd1)
|
| |
|
|
|
|
|
|
| |
os_read_impl() now also truncates the size to _PY_READ_MAX
on macOS, to avoid to allocate a larger buffer even if _Py_read() is
limited to _PY_READ_MAX bytes (ex: INT_MAX on macOS).
(cherry picked from commit 9a0d7a7648547ffb77144bf2480155f6d7940dea)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(GH-10621)
locale.localeconv() now sets temporarily the LC_CTYPE locale to the
LC_MONETARY locale if the two locales are different and monetary
strings are non-ASCII. This temporary change affects other threads.
Changes:
* locale.localeconv() can now set LC_CTYPE to LC_MONETARY to decode
monetary fields.
* Add LocaleInfo.grouping_buffer: copy localeconv() grouping string
since it can be replaced anytime if a different thread calls
localeconv().
(cherry picked from commit 02e6bf7f2025cddcbde6432f6b6396198ab313f4)
(cherry picked from commit 6eff6b8eecd7a8eccad16419269fa18ec820922e)
|
| |
|
|
|
|
|
|
|
|
|
| |
Fixes assertion failures in _datetimemodule.c
introduced in the previous fix (see bpo-31752).
Rather of trying to handle an int subclass as exact int,
let it to use overridden special methods, but check the
result of divmod().
(cherry picked from commit 3ec0f495163da3b7a15deb2805cec48aed432f58)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
| |
|
|
|
|
| |
"single" needs to be decrefed if PyList_Append() fails.
(cherry picked from commit 4c596d54aa6a55e9d2a3db78891e656ebbfb63c8)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
|
|
| |
(GH-10518)
If tracemalloc is not tracing Python memory allocations,
_PyMem_DumpTraceback() now suggests to enable tracemalloc
to get the traceback where the memory block has been allocated.
|
| |
|
|
|
|
|
| |
Rename our new MEMORY_SANITIZER define to _Py_MEMORY_SANITIZER.
Project based C Preprocessor namespacing at its finest. :P
(cherry picked from commit 3015fb8ce4d25603434b9b44bb7effb98a481532)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds configure flags for msan and ubsan builds to make it easier to enable.
These also encode the detail that address sanitizer and memory sanitizer
should disable pymalloc.
Define MEMORY_SANITIZER when appropriate at build time and adds workarounds
to existing code to mark things as initialized where the sanitizer is otherwise unable to
determine that. This lets our build succeed under the memory sanitizer. not all tests
pass without sanitizer failures yet but we're in pretty good shape after this.
(cherry picked from commit 1584a0081500d35dc93ff88e5836df35faf3e3e2)
Contributed by Gregory P. Smith [Google LLC]
Also includes a whitespace fix from make patchcheck to _posixsubprocess.c - unrelated to the main change that makes the CI happy so I'm just doing it now rather than creating a separate PR.
|
| |
|
|
|
|
|
|
|
|
| |
This typo doesn't affect the result because wrong bits are discarded
on implicit conversion to unsigned char, but it trips UBSan
with -fsanitize=implicit-integer-truncation.
https://bugs.python.org/issue35194
(cherry picked from commit 7a69cf47a9bbc95f95fd67c982bff121b2a903cb)
Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
|
| |
|
|
|
|
|
|
|
|
|
| |
lines. (GH-10284) (GH-10335)
Two kind of mistakes:
1. Missed space. After concatenating there is no space between words.
2. Missed comma. Causes unintentional concatenating in a list of strings..
(cherry picked from commit 34fd4c20198dea6ab2fe8dc6d32d744d9bde868d)
|
| |
|
|
|
|
|
| |
Some methods in the os module can accept path-like objects. This is documented in the general documentation but not in the function docstrings. To keep both in sync, the docstrings need to be updated to reflect that path-like objects are also accepted..
(cherry picked from commit b942707fc23454a998323c17e30be78ff1a4f0e7)
Co-authored-by: BNMetrics <luna@bnmetrics.com>
|
| |
|
|
|
|
|
|
| |
`setup.py` (GH-10289)
This could cause compile errors on macOS or other platforms.
(cherry picked from commit 318ab63c01f5b8e7562b122ab5ba01258a51277b)
Co-authored-by: Max Bélanger <aeromax@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
(GH-10217)
_io.IncrementalNewlineDecoder's initializer possibly assigns out-of-range
value to the bitwise struct field.
(cherry picked from commit b08746bfdf64e55ce33516f2065fa2aa4f51be95)
Co-authored-by: Xiang Zhang <angwerzx@126.com>
|
| |
|
|
|
| |
(cherry picked from commit 53835e92d315340444e3dd083b3f69a590b00e07)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Fix potential division by zero in BZ2_Malloc()
* Avoid division by zero in PyLzma_Malloc()
* Avoid division by zero and integer overflow in PyZlib_Malloc()
Reported by Svace static analyzer.
(cherry picked from commit 3d4fabb2a424cb04ae446ebe4428090c386f45a5)
Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
|
| |
|
|
|
|
|
| |
(GH-9873). (GH-10183)
(cherry picked from commit f192aeb95a139ede74d69e39c046c498ff288a37)
Co-authored-by: Srinivas Thatiparthy (శ్రీనివాస్ తాటిపర్తి) <srinivasreddy@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Declare functions with EXTINLINE:
* mpd_del()
* mpd_uint_zero()
* mpd_qresize()
* mpd_qresize_zero()
* mpd_minalloc()
These functions are implemented with "inline" or "ALWAYS_INLINE", but
declared without inline which cause linker error on Visual Studio in
Debug mode when using /Ob1.
(cherry picked from commit 3b1cba3701fd1321a9bdafa9e683f891369f0cfd)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
|
| |
|
|
|
|
| |
Based on the investigation by Xiang Zhang.
(cherry picked from commit df13df41a25765d8a39a77220691698498e758d4)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
|
| |
|
|
|
|
|
| |
References could leak, NULL could be dereferenced, and the Expat parser could
be double freed when some errors raised.
(cherry picked from commit 9f3ed3e213b30059087d059a7d1d3b2527fa8654)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
| |
|
|
|
|
|
|
| |
timemodule.c. (GH-9961)
Guard the `CLOCK_GETTIME` et al macros in `timemodule` based on the availability of the parent functions
(cherry picked from commit 94451182ccd6729c11338926d8a3d11645e86626)
Co-authored-by: Max Bélanger <aeromax@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
truncate() (GH-5784)
path_error() uses GetLastError() on Windows, but some os functions
are implemented via CRT APIs which report errors via errno.
This may result in raising OSError with invalid error code (such
as zero).
Introduce posix_path_error() function and use it where appropriate.
(cherry picked from commit 834603112e6ca35944dd21105b01fca562dc3241)
Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
|
| |
|
|
|
|
|
|
|
| |
On failure, _PyBytes_Resize() will deallocate the bytes object and set
"result" to NULL.
https://bugs.python.org/issue34824
(cherry picked from commit 365ad2ead5bbaf7a3b18648ffa36e819559d3f75)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
|
