From 54f67ad54366f1b9161edca283e19670e065e1b8 Mon Sep 17 00:00:00 2001
From: Dustin Rodrigues <dust.rod@gmail.com>
Date: Wed, 13 Apr 2022 04:07:10 -0400
Subject: bpo-43218: Prevent venv creation when the target directory contains a
 PATH separator. (GH-24530)

---
 Lib/test/test_venv.py                                             | 8 ++++++++
 Lib/venv/__init__.py                                              | 3 +++
 Misc/NEWS.d/next/Library/2021-02-14-20-55-53.bpo-43218.VZv2M4.rst | 2 ++
 3 files changed, 13 insertions(+)
 create mode 100644 Misc/NEWS.d/next/Library/2021-02-14-20-55-53.bpo-43218.VZv2M4.rst

diff --git a/Lib/test/test_venv.py b/Lib/test/test_venv.py
index c91b754..d96cf1e 100644
--- a/Lib/test/test_venv.py
+++ b/Lib/test/test_venv.py
@@ -467,6 +467,14 @@ class BasicTest(BaseTest):
             'import os; print("__PYVENV_LAUNCHER__" in os.environ)'])
         self.assertEqual(out.strip(), 'False'.encode())
 
+    def test_pathsep_error(self):
+        """
+        Test that venv creation fails when the target directory contains
+        the path separator.
+        """
+        rmtree(self.env_dir)
+        self.assertRaises(ValueError, venv.create, self.env_dir + os.pathsep)
+
 @requireVenvCreate
 class EnsurePipTest(BaseTest):
     """Test venv module installation of pip."""
diff --git a/Lib/venv/__init__.py b/Lib/venv/__init__.py
index a8640d9..7bfbadd 100644
--- a/Lib/venv/__init__.py
+++ b/Lib/venv/__init__.py
@@ -116,6 +116,9 @@ class EnvBuilder:
             elif os.path.islink(d) or os.path.isfile(d):
                 raise ValueError('Unable to create directory %r' % d)
 
+        if os.pathsep in env_dir:
+            raise ValueError(f'Refusing to create a venv in {env_dir} because '
+                             f'it contains the PATH separator {os.pathsep}.')
         if os.path.exists(env_dir) and self.clear:
             self.clear_directory(env_dir)
         context = types.SimpleNamespace()
diff --git a/Misc/NEWS.d/next/Library/2021-02-14-20-55-53.bpo-43218.VZv2M4.rst b/Misc/NEWS.d/next/Library/2021-02-14-20-55-53.bpo-43218.VZv2M4.rst
new file mode 100644
index 0000000..31229c3
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2021-02-14-20-55-53.bpo-43218.VZv2M4.rst
@@ -0,0 +1,2 @@
+Prevent creation of a venv whose path contains the PATH separator. This
+could affect the usage of the activate script. Patch by Dustin Rodrigues.
-- 
cgit v0.12