| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Fix multiplying a list by an integer (list *= int): detect the
integer overflow when the new allocated length is close to the
maximum size. Issue reported by Jordan Limor.
list_resize() now checks for integer overflow before multiplying the
new allocated length by the list item size (sizeof(PyObject*)).
(cherry picked from commit a5f092f3c469b674b8d9ccbd4e4377230c9ac7cf)
Co-authored-by: Victor Stinner <vstinner@python.org>
| |
When ValueError is raised if an integer is larger than the limit,
mention sys.set_int_max_str_digits() in the error message.
(cherry picked from commit e841ffc915e82e5ea6e3b473205417d63494808d)
Co-authored-by: Victor Stinner <vstinner@python.org>
| |
(GH-96353)
(cherry picked from commit b9634ac776c24bc4d4a57859d884a94cdfe16043)
Co-authored-by: philg314 <110174000+philg314@users.noreply.github.com>
| |
(#96563)
Converting a large enough `int` to a decimal string raises `ValueError` as expected. However, the raise comes _after_ the quadratic-time base-conversion algorithm has run to completion. For effective DOS prevention, we need some kind of check before entering the quadratic-time loop. Oops! =)
The quick fix: essentially we catch _most_ values that exceed the threshold up front. Those that slip through will still be on the small side (read: sufficiently fast), and will get caught by the existing check so that the limit remains exact.
The justification for the current check. The C code check is:
```c
max_str_digits / (3 * PyLong_SHIFT) <= (size_a - 11) / 10
```
In GitHub markdown math-speak, writing $M$ for `max_str_digits`, $L$ for `PyLong_SHIFT` and $s$ for `size_a`, that check is:
$$\left\lfloor\frac{M}{3L}\right\rfloor \le \left\lfloor\frac{s - 11}{10}\right\rfloor$$
From this it follows that
$$\frac{M}{3L} < \frac{s-1}{10}$$
hence that
$$\frac{L(s-1)}{M} > \frac{10}{3} > \log_2(10).$$
So
$$2^{L(s-1)} > 10^M.$$
But our input integer $a$ satisfies $|a| \ge 2^{L(s-1)}$, so $|a|$ is larger than $10^M$. This shows that we don't accidentally capture anything _below_ the intended limit in the check.
* Issue: gh-95778
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
(cherry picked from commit b126196838bbaf5f4d35120e0e6bcde435b0b480)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
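Added example (not part of the commit or of CPython): the bound derived in the commit message above, checked with exact integers, together with the size of the largest value that still slips past the pre-check. It assumes `PyLong_SHIFT` is 30 and uses floor division as the proof does; the helper names are illustrative.

```python
# Added example: exact-integer check of the early-exit bound described above.
PYLONG_SHIFT = 30  # assumption: bits per internal int digit on this build


def early_reject(size_a, max_str_digits, shift=PYLONG_SHIFT):
    """The pre-check from the commit message, using floor division as in its proof."""
    return max_str_digits // (3 * shift) <= (size_a - 11) // 10


def smallest_rejected_size(max_str_digits, shift=PYLONG_SHIFT):
    """Smallest size_a (count of internal digits) that the pre-check rejects."""
    return 10 * (max_str_digits // (3 * shift)) + 11


def decimal_digits(n):
    """Count decimal digits of n > 0 without str(n), which the limit would refuse."""
    d = max(1, n.bit_length() * 30103 // 100000)  # estimate from log10(2)
    while 10 ** d <= n:
        d += 1
    while d > 1 and 10 ** (d - 1) > n:
        d -= 1
    return d


def no_false_positive(max_str_digits, shift=PYLONG_SHIFT):
    """True if the smallest rejected magnitude already exceeds 10**max_str_digits."""
    s = smallest_rejected_size(max_str_digits, shift)
    return 2 ** (shift * (s - 1)) > 10 ** max_str_digits


def largest_slip_through_digits(max_str_digits, shift=PYLONG_SHIFT):
    """Decimal length of the largest value the pre-check lets into the slow path."""
    s = smallest_rejected_size(max_str_digits, shift) - 1
    return decimal_digits(2 ** (shift * s) - 1)


if __name__ == "__main__":
    # Constructed sample limits; columns: limit, first rejected size_a,
    # bound holds, longest decimal length that reaches the exact check.
    for limit in (640, 4300, 100_000):
        print(limit, smallest_rejected_size(limit), no_false_positive(limit),
              largest_slip_through_digits(limit))
```

With a limit of 4300 digits the pre-check starts rejecting at `size_a` 481, so the quadratic loop only ever sees values of at most 4335 decimal digits before the exact check raises.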
| |
Integer to and from text conversions via CPython's bignum `int` type are not safe against denial of service attacks due to malicious input. Very large input strings with hundreds of thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
This backports https://github.com/python/cpython/pull/96499 aka 511ca9452033ef95bc7d7fc404b8161068226002
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
* Issue: gh-95778
I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
| |
indexes (GH-96188). (#96210)
(cherry picked from commit 16ebae4cd4029205d932751f26c719c6cb8a6e92)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
| |
(GH-95207)
| |
(GH-95665) (GH-95859)
This PR fixes the error message from float(s) in the case where s contains only whitespace.
(cherry picked from commit 97e9cfa75a80b54a0630b7371f35e368a12749d1)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
| |
(GH-94891)
(cherry picked from commit f36589510b8708fa224d799d5b328deab558aa4e)
Co-authored-by: Brandt Bucher <brandtbucher@microsoft.com>
| |
Need to define ALWAYS_INLINE macro for 3.10.
Co-authored-by: neonene <53406459+neonene@users.noreply.github.com>
| |
(cherry picked from commit 11190c4ad0d3722b8d263758ac802985131a5462)
Co-authored-by: chilaxan <35645806+chilaxan@users.noreply.github.com>
Co-authored-by: Serhiy Storchaka <3659035+serhiy-storchaka@users.noreply.github.com>
| |
Because of the way wrap_descr_get is written, the second argument
to __get__ methods implemented through the wrapper is always
optional.
(cherry picked from commit 4e08fbcfdfa57ea94091aabdd09413708e3fb2bf)
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
| |
(GH-93719) (GH-94071)
Classes ReferenceType, ProxyType and CallableProxyType now have correct
attributes __module__, __name__ and __qualname__.
It makes them (types, not instances) pickleable.
(cherry picked from commit 8352e322e87ba39c71e578b65ad8ae156ca3e0c7)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
| |
(GH-93999)
(cherry picked from commit 726448ebe15cd78e180c29c9858cb6c10a581524)
| |
(GH-92915) (GH-92942)
(cherry picked from commit 8a6af5a34642f5564220eb50d72caada8f17fc78)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
| |
(cherry picked from commit e12f34b6d8200508bd50cdc9c6c5637732ff56e7)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
| |
(cherry picked from commit 2153daf0a02a598ed5df93f2f224c1ab2a2cca0d)
This patch fixes gh-87740 too.
Co-authored-by: Crowthebird <78076854+thatbirdguythatuknownot@users.noreply.github.com>
| |
(#92370)
(cherry picked from commit 85354ed78c0edb6d81a2bd53cabc85e547b8b26e)
Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
| |
merge_freemem(): set keys to NULL so it's harmless to call this again.
(cherry picked from commit 9652900969df77b1ac245595419431df19296af9)
Co-authored-by: Tim Peters <tim.peters@gmail.com>
| |
* [3.10] Remove effbot urls (GH-26308).
(cherry picked from commit e9f66aedf44ccc3be27975cfb070a44ce6a6bd13)
Co-authored-by: E-Paine <63801254+E-Paine@users.noreply.github.com>
| |
If the error handler returns a position less than or equal to the starting
position of non-encodable characters, most of the built-in encoders didn't
properly re-size the output buffer. This led to out-of-bounds writes,
and segfaults.
(cherry picked from commit 18b07d773e09a2719e69aeaa925d5abb7ba0c068)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
| |
(GH-31769) (#91662)
Co-authored-by: Éric <merwok@netwok.org>
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
(cherry picked from commit a573cb2fec664c645ab744658d7e941d72e1a398)
Co-authored-by: Oleg Iarygin <oleg@arhadthedev.net>
| |
The left-hand side expression of the if-check can be converted to a
constant by the compiler, but the addition on the right-hand side is
performed during runtime.
Move the addition from the right-hand side to the left-hand side by
turning it into a subtraction there. Since the values are known to
be large enough to not turn negative, this is a safe operation.
Prevents a very unlikely integer overflow on 32 bit systems.
Fixes GH-91421.
(cherry picked from commit 0859368335d470b9ff33fc53ed9a85ec2654b278)
Co-authored-by: Tobias Stoeckmann <stoeckmann@users.noreply.github.com>
| |
reinitialization (GH-32212) (GH-32216)
Co-authored-by: Christian Heimes <christian@python.org>
| |
Co-authored-by: Andrew Svetlov <andrew.svetlov@gmail.com>
(cherry picked from commit 8be7c2bc5ad5e295f0f855bb31db412eef2c7c92)
Co-authored-by: Dave Goncalves <davegoncalves@gmail.com>
| |
(GH-32179)
(cherry picked from commit d0c67ea0645b7ad37b867c167882a346a24de641)
Co-authored-by: Dong-hee Na <donghee.na@python.org>
| |
(cherry picked from commit e3d348a5252549708fd19338b675a2c23b60d677)
Co-authored-by: Irit Katriel <1055913+iritkatriel@users.noreply.github.com>
| |
information (GH-31710) (GH-31724)
When an exception is created in a nested call to PyObject_GetAttr, any
external calls will override the context information of the
AttributeError that we have already placed in the most internal call.
This will cause the suggestions we create to not work properly as the
attribute name and object that we will be using are the incorrect ones.
To avoid this, we need to check first if these attributes are already
set and bail out if that's the case.
(cherry picked from commit 3b3be05a164da43f201e35b6dafbc840993a4d18)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
| |
(GH-31578)
Rename the private undocumented float.__set_format__() method to
float.__setformat__() to fix a typo introduced in Python 3.7. The
method is only used by test_float.
The change enables again test_float tests on the float format which
were previously skipped because of the typo.
The typo was introduced in Python 3.7 by bpo-20185
in commit b5c51d3dd95bbfde533655fb86ac0f96f771ba7b.
(cherry picked from commit 7d03c8be5af2f1559dbc35b775b3116dfd63cfb6)
| |
(cherry picked from commit 0a222db2bca63070f429c0e613707da1bdfaf0e0)
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
| |
Ensure strong references are acquired whenever using `set_next()`. Added randomized test cases for `__eq__` methods that sometimes mutate sets when called.
(cherry picked from commit 4a66615ba736f84eadf9456bfd5d32a94cccf117)
Co-authored-by: Dennis Sweeney <36520290+sweeneyde@users.noreply.github.com>
| |
(GH-30696) (GH-31262)
(cherry picked from commit 0ef08530124c5ca13a9394f4ac18bee8e6c66409)
| |
Fix a race condition on setting a type __bases__ attribute: the
internal function add_subclass() now gets the
PyTypeObject.tp_subclasses member after calling PyWeakref_NewRef()
which can trigger a garbage collection which can indirectly modify
PyTypeObject.tp_subclasses.
(cherry picked from commit f1c6ae3270913e095d24ae13ecf96f5a32c8c503)
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Victor Stinner <vstinner@python.org>
| |
The docstrings for MappingProxyType's keys(), values(), and items()
methods were never updated to reflect the changes that Python 3 brought
to these APIs, namely returning views rather than lists.
(cherry picked from commit 2d10fa9bc4cf83c5e5dd73decc9a138d6d247374)
Co-authored-by: Joshua Bronson <jabronson@gmail.com>
| |
(GH-20085)" (GH-30422) (GH-30425)
This reverts commit ea251806b8dffff11b30d2182af1e589caf88acf.
Keep "assert(interned == NULL);" in _PyUnicode_Fini(), but only for
the main interpreter.
Keep _PyUnicode_ClearInterned() changes avoiding the creation of a
temporary Python list object.
Leave the PyInterpreterState structure unchanged to keep the ABI
backward compatibility with Python 3.10.0: rename the "interned"
member to "unused_interned".
(cherry picked from commit 35d6540c904ef07b8602ff014e520603f84b5886)
| |
Automerge-Triggered-By: GH:pablogsal
(cherry picked from commit 46e4c257e7c26c813620232135781e6c53fe8d4d)
Co-authored-by: Inada Naoki <songofacandy@gmail.com>
| |
(cherry picked from commit fb44d0589615590b1e7895ba78a038e96b15a219)
Co-authored-by: Dong-hee Na <donghee.na@python.org>
| |
(GH-29986). (GH-29988)
* [3.10] bpo-46009: Do not exhaust generator when send() method raises (GH-29986).
(cherry picked from commit 69806b9516dbe092381f3ef884c7c64bb9b8414a)
Co-authored-by: Mark Shannon <mark@hotpy.org>
* Rename variable after cherry-pick.
* Add NULL check.
|
| |
(cherry picked from commit 91275207296c39e495fe118019a757c4ddefede8)
Co-authored-by: Mark Dickinson <mdickinson@enthought.com>
| |
* Use Py_EnterRecursiveCall() in issubclass()
Reviewed-by: Gregory P. Smith <greg@krypto.org> [Google]
(cherry picked from commit 423fa1c1817abfa8c3d1bc308ddbbd8f28b69d68)
Co-authored-by: Dennis Sweeney <36520290+sweeneyde@users.noreply.github.com>
| |
MAP_BOT_LENGTH was incorrectly used to compute MAP_TOP_MASK instead of
MAP_TOP_LENGTH. On 64-bit machines, the error causes the tree to hold
46-bits of virtual addresses, rather than the intended 48-bits.
(cherry picked from commit 311910b31a4bd94dc79298388b7cb65ca5546438)
| |
"raw-unicode-escape" codec (GH-28944) (GH-28952)
They support now splitting escape sequences between input chunks.
Add the third parameter "final" in codecs.raw_unicode_escape_decode().
It is True by default to match the former behavior.
(cherry picked from commit 39aa98346d5dd8ac591a7cafb467af21c53f1e5d)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
| |
"unicode-escape" codec (GH-28939) (GH-28943)
They support now splitting escape sequences between input chunks.
Add the third parameter "final" in codecs.unicode_escape_decode().
It is True by default to match the former behavior.
(cherry picked from commit c96d1546b11b4c282a7e21737cb1f5d16349656d)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
| |
(cherry picked from commit 5f401f10400123afa9171548c432ea3fc37c0736)
Automerge-Triggered-By: GH:JulienPalard
| |
(cherry picked from commit 252b7bcb236dc261f3af1275bc90f9a303d9648f)
| |
of the code unit (GH-28711). (GH-28718)
(cherry picked from commit 60b9e040c9cf40e69f42c0008e564458aa0379e8)