| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
(GH-96588) (#96591)
(cherry picked from commit 2c7d2e8d46164efb6e27a64081d8e949f6876515)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
|
|
|
|
|
|
| |
Automerge-Triggered-By: GH:pablogsal
(cherry picked from commit 81e36f350b75d2ed2668825f7df6e059b57f859c)
Co-authored-by: Matthias Görgens <matthias.goergens@gmail.com>
|
|
|
|
|
|
|
|
| |
This makes tokenizer.c:valid_utf8 match stringlib/codecs.h:decode_utf8.
It also fixes an off-by-one error introduced in 3.10 for the line number when the tokenizer reports bad UTF8.
(cherry picked from commit 8bc356a7dd50cbdb46d10b8c7e457832431f5d9e)
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
|
|
|
|
| |
(cherry picked from commit 05692c67c51b78a5a5a7bb61d646519025e38015)
Co-authored-by: Michael Droettboom <mdboom@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
This backports https://github.com/python/cpython/pull/96499 aka 511ca9452033ef95bc7d7fc404b8161068226002
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
|
|
|
|
|
|
|
|
|
| |
8) (GH-95934) (GH-95936)
(cherry picked from commit a965db37f27ffb232312bc13d9a509f0d93fcd20)
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
Automerge-Triggered-By: GH:lysnikolaou
|
|
|
|
|
|
|
| |
(GH-94997)
(cherry picked from commit b5e3ea286289fcad12be78480daf3756e350f69f)
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
|
|
|
|
|
| |
(cherry picked from commit b4c857d0fd74abb1ede6fe083c4fa3ca728b2b83)
Co-authored-by: Christian Heimes <christian@python.org>
|
|
|
|
|
|
|
|
| |
GH-95355
Automerge-Triggered-By: GH:pablogsal
(cherry picked from commit b946f529efb4a623ac4ad968d8091edb81ebdcdb)
Co-authored-by: Honglin Zhu <zhuhonglin.zhl@alibaba-inc.com>
|
|
|
|
|
|
|
|
| |
(GH-95208)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
(cherry picked from commit 00474472944944b346d8409cfded84bb299f601a)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(GH-94950)
* gh-94949: Disallow parsing parenthesised ctx manager with old feature_version
* 📜🤖 Added by blurb_it.
* Allow it with feature_version=(3, 9) as well
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
(cherry picked from commit 0daba822212cd5d6c63384a27f390f0945330c2b)
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
* gh-94947: Disallow parsing walrus with feature_version < (3, 8)
* oops, commit the parser
* 📜🤖 Added by blurb_it.
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
(cherry picked from commit ae0be5a53bb4caee3de4888341addd9c94133f2d)
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
|
|
|
|
|
|
|
| |
nodes (GH-94895)
(cherry picked from commit 2e9da8e3522764d09f1d6054a2be567e91a30812)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
errors from stdin (GH-94386)
* gh-94360: Fix a tokenizer crash when reading encoded files with syntax errors from stdin
Signed-off-by: Pablo Galindo <pablogsal@gmail.com>
* nitty nit
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
(cherry picked from commit 36fcde61ba48c4e918830691ecf4092e4e3b9b99)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
value. (GH-94304)
* Fix error for dictionary literals with invalid expression as value.
* Remove trailing whitespace
(cherry picked from commit 8c237a7a71d52f996f58dc58f6b6ce558d209494)
Co-authored-by: wookie184 <wookie1840@gmail.com>
|
|
|
|
|
|
|
|
|
| |
before ':' (GH-92894) (#94180)
(cherry picked from commit 2fc83ac3afa161578200dbf8d823a20e0801c0c0)
Co-authored-by: wookie184 <wookie1840@gmail.com>
Co-authored-by: wookie184 <wookie1840@gmail.com>
|
|
|
|
|
|
|
|
| |
in match statements (GH-93680)
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
(cherry picked from commit 53a8b17895e91d08f76a2fb59a555d012cd85ab4)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
|
|
|
|
|
|
|
|
|
| |
but no closing brace. (gh-93419) (gh-93422)
(cherry picked from commit ee70c70aa93d7a41cbe47a0b361b17f9d7ec8acd)
Co-authored-by: Eric V. Smith <ericvsmith@users.noreply.github.com>
Co-authored-by: Eric V. Smith <ericvsmith@users.noreply.github.com>
|
|
|
|
|
|
|
| |
compiled (GH-93359)
(cherry picked from commit 705eaec28f7bee530b1c1635ba385a49a1feaf32)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
|
|
|
|
|
| |
(cherry picked from commit 137fd3d88aa46669f5717734e823f4c594ab2843)
Co-authored-by: Christian Heimes <christian@python.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, calling Py_EnterRecursiveCall() and
Py_LeaveRecursiveCall() may use a function call or a static inline
function call, depending if the internal pycore_ceval.h header file
is included or not. Use a different name for the static inline
function to ensure that the static inline function is always used in
Python internals for best performance. Similar approach than
PyThreadState_GET() (function call) and _PyThreadState_GET() (static
inline function).
* Rename _Py_EnterRecursiveCall() to _Py_EnterRecursiveCallTstate()
* Rename _Py_LeaveRecursiveCall() to _Py_LeaveRecursiveCallTstate()
* pycore_ceval.h: Rename Py_EnterRecursiveCall() to
_Py_EnterRecursiveCall() and Py_LeaveRecursiveCall() and
_Py_LeaveRecursiveCall()
|
|
|
|
| |
(GH-91668)
|
|
|
|
|
| |
The warning emitted by the Python parser for a numeric literal
immediately followed by keyword has been changed from deprecation
warning to syntax warning.
|
|
|
|
| |
(GH-32302)
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add more informative messages to f-string syntax errors
* 📜🤖 Added by blurb_it.
* Fix whitespaces
* Change error message
* Remove the 'else' statement (as sugested in review)
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
|
|
|
| |
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
|
|
|
|
|
| |
buffers are uninitialized (GH-32129)
Automerge-Triggered-By: GH:pablogsal
|
|
|
|
|
| |
_PyTokenizer_FindEncodingFilename (GH-32033)
WASI does not have dup() and Emscripten's emulation is slow.
|
| |
|
| |
|
|
|
|
| |
unnecessary (GH-31812)
|
|
|
|
|
|
|
| |
(GH-31479)
Fix parsing a numeric literal immediately (without spaces) followed by
"not in" keywords, like in "1not in x". Now the parser only emits
a warning, not a syntax error.
|
|
|
|
| |
character if the f-string is missing a trailing right brace. (#31365)
|
| |
|
| |
|
|
|
|
| |
(GH-31241)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
global objects. (gh-30928)
We're no longer using _Py_IDENTIFIER() (or _Py_static_string()) in any core CPython code. It is still used in a number of non-builtin stdlib modules.
The replacement is: PyUnicodeObject (not pointer) fields under _PyRuntimeState, statically initialized as part of _PyRuntime. A new _Py_GET_GLOBAL_IDENTIFIER() macro facilitates lookup of the fields (along with _Py_GET_GLOBAL_STRING() for non-identifier strings).
https://bugs.python.org/issue46541#msg411799 explains the rationale for this change.
The core of the change is in:
* (new) Include/internal/pycore_global_strings.h - the declarations for the global strings, along with the macros
* Include/internal/pycore_runtime_init.h - added the static initializers for the global strings
* Include/internal/pycore_global_objects.h - where the struct in pycore_global_strings.h is hooked into _PyRuntimeState
* Tools/scripts/generate_global_objects.py - added generation of the global string declarations and static initializers
I've also added a --check flag to generate_global_objects.py (along with make check-global-objects) to check for unused global strings. That check is added to the PR CI config.
The remainder of this change updates the core code to use _Py_GET_GLOBAL_IDENTIFIER() instead of _Py_IDENTIFIER() and the related _Py*Id functions (likewise for _Py_GET_GLOBAL_STRING() instead of _Py_static_string()). This includes adding a few functions where there wasn't already an alternative to _Py*Id(), replacing the _Py_Identifier * parameter with PyObject *.
The following are not changed (yet):
* stop using _Py_IDENTIFIER() in the stdlib modules
* (maybe) get rid of _Py_IDENTIFIER(), etc. entirely -- this may not be doable as at least one package on PyPI using this (private) API
* (maybe) intern the strings during runtime init
https://bugs.python.org/issue46541
|
| |
|
|
|
|
|
|
|
|
|
|
| |
@pablogsal, sorry i failed to rebase to main, so i recreated https://github.com/python/cpython/pull/22190#issuecomment-1024633392
> PyRun_InteractiveOne\*() functions allow to explicitily set fd instead of stdin.
but stdin was hardcoded in readline call.
> This patch does not fix target file for prompt unlike original bpo one : prompt fd is unrelated to tokenizer source which could be read only. It is more of a bugfix regarding the docs : actual documentation say "prompt the user" so one would expect prompt to go on stdout not a file for both PyRun_InteractiveOne\*() and PyRun_InteractiveLoop\*().
Automerge-Triggered-By: GH:pablogsal
|
|
|
|
| |
continuation characters (GH-30130)
|
|
|
|
|
|
|
| |
sequences in f-strings. (GH-30865)
* bpo-46503: Prevent an assert from firing. Also fix one nearby tiny PEP-7 nit.
* Added blurb.
|
| |
|
|
|
|
| |
'get_error_line_from_tokenizer_buffers' (#30545)
|
|
|
|
|
| |
f-strings (GH-30529)
Automerge-Triggered-By: GH:pablogsal
|
| |
|
|
|
| |
Automerge-Triggered-By: GH:isidentical
|
|
|
|
| |
not finished (GH-30378)
|
|
|
| |
This restores commit e9898bf153d26059261ffef11f7643ae991e2a4c .
|