gh-144100: Fix crash for POINTER(str) used in ctypes argtypes (#144108)
(cherry picked from commit 8f459255eba2b6639f1912e5c5e318a7cdafada1)
Co-authored-by: VanshAgarwal24036 <148854295+VanshAgarwal24036@users.noreply.github.com>
gh-143935: Email preserve parens when folding comments (GH-143936)
Fix a bug in the folding of comments when flattening an email message
using a modern email policy. Comments consisting of a very long sequence of
non-foldable characters could trigger a forced line wrap that omitted the
required leading space on the continuation line, causing the remainder of
the comment to be interpreted as a new header field. This enabled header
injection with carefully crafted inputs.
(cherry picked from commit 17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2)
Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Denis Ledoux <dle@odoo.com>
gh-143237: Fix support of named pipes in the rotating logging handlers (GH-143259)
This fixes regression introduced in GH-105887.
(cherry picked from commit aa8a43d179bad5cd9fbfce63b630e2ee0bd617e4)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-143919: Reject control characters in http cookies
(cherry picked from commit 95746b3a13a985787ef53b977129041971ed7f70)
Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
Co-authored-by: sobolevn <mail@sobolevn.me>
[3.13] gh-144023: Prevent follow_symlinks from being allowed with an fd of 0 (GH-144022)
The check was (fd > 0), should be (fd >= 0).
(cherry picked from commit fa44efa0ef1972ac1e2f66996303154be11f605e)
Co-authored-by: AZero13 <gfunni234@gmail.com>
gh-143774 - Improve IDLE Format Paragraph doc (GH-143775)
Add a reminder to not rewrap code line to the Menu => Format => Reformat Paragraph entry.
In Editing and Nagivagion, add a new 'Format block' subsection that defines 'paragraph'
to better match what is dependably handled as more or less expected.
In particular, specify equal indents and that the resulting indent equals original indent.
Also mention that selections are expanded to complete lines and how to modify max length.
(Also fix a couple case errors in cross references.)
(cherry picked from commit fa3abf5a51d42b2d62e1bc89e9465b398a567e94)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
gh-143916: Reject control characters in wsgiref.headers.Headers (GH-143917)
* Add 'test.support' fixture for C0 control characters
* gh-143916: Reject control characters in wsgiref.headers.Headers
(cherry picked from commit f7fceed79ca1bceae8dbe5ba5bc8928564da7211)
Co-authored-by: Seth Michael Larson <seth@python.org>
This allows to run Tkinter tests with the specified value of
tkinter.wantobjects, for example "-u wantobjects=0".
(cherry picked from commit 21ed1e2a9401a2e96ccc910fcb66f22afc96efbd)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
[3.14] gh-143602: Fix duplicate buffer exports in io.BytesIO.write (#143629) (#143872)
gh-143602: Fix duplicate buffer exports in io.BytesIO.write (#143629)
Fix an inconsistency issue in io.BytesIO.write() where the buffer was exported
twice, which could lead to unexpected data overwrites and position drift when
the buffer changes between exports.
(cherry picked from commit c461aa99e2fabbaf5859c0a8a93e08306ee8115d)
(cherry picked from commit 1241432150f6342e3d38c5a80a19c8c157a4ebe8)
Co-authored-by: zhong <60600792+superboy-zjc@users.noreply.github.com>
This happens when the set contained several elements with the same hash,
and then some of them were removed.
(cherry picked from commit b8e925b4f8f6c5e28fbebc4f3965bf77610698b3)
Writing out an object may involve a slot lookup, which is not safe to do with
an exception raised. In debug mode an assertion failure will occur if this
happens.
(cherry picked from commit ce8f5f98c6fc95a1704360d986a4d0281eeada79)
Co-authored-by: Duane Griffin <duaneg@dghda.com>
The forkserver was not passing sys.argv to its main() function, causing
sys.argv to be empty during `__main__` module import in child processes. This
fixes a non-obvious regression inadvertently introduced by the gh-126631 main
preloading fix.
(cherry picked from commit 298d5440eb83f2dfd5651bac86d1592ec358d54c)
gh-143249: Fix buffer leak when overlapped operation fails to start on windows (GH-143250)
(cherry picked from commit 103a384bfdeafc68ab39ea9bf8838a8b2eec83dd)
Co-authored-by: Yongtao Huang <yongtaoh2022@gmail.com>
It was incorrect in case of mixed tabs and spaces in indentation.
(cherry picked from commit 5f28aa2f372339ba0c70373b96d33ec4d2879e04)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
PyObject_GetBuffer() can execute user code (e.g. via __buffer__), which may
close or otherwise mutate a BytesIO object while write() or writelines()
is in progress. This could invalidate the internal buffer and lead to a
use-after-free.
Ensure that PyObject_GetBuffer() is called before validation checks.
(cherry picked from commit 6d54b6ac7d5744e1f59d784c8e020d632d2959a3)
Co-authored-by: zhong <60600792+superboy-zjc@users.noreply.github.com>
Previously, this could cause crash or data corruption, now concurrent calls
of methods of the same object raise RuntimeError.
(cherry picked from commit d1282efb2b847bf9274d78c5f15ea00499b2c894)
When comparing negative non-integer float and int with the same number
of bits in the integer part, __neg__() in the int subclass returning
not an int caused an assertion error.
Now the integer is no longer negated. Also, reduced the number of
temporary created Python objects.
(cherry picked from commit 66bca383bd3b12d21e879d991d77b37a4c638f88)
[3.14] gh-143547: Fix PyErr_FormatUnraisable() fallback (GH-143557) (GH-143603)
gh-143547: Fix PyErr_FormatUnraisable() fallback (GH-143557)
Hold a strong reference to 'hook' while calling the default
unraisable took to log hook failure.
(cherry picked from commit 1d0baf1ae48f98b61cc869a82e1b7206298f653f)
(cherry picked from commit 39a2bcf949095bd603f7b73f15b5b478dbb49ba9)
Co-authored-by: Victor Stinner <vstinner@python.org>
In optimized and `-Og` builds, arguments and local variables are frequently
unavailable in gdb. This makes `py-bt` fail to print anything useful. Use the
`PyThreadState*` pointers `_Py_tss_gilstate` and `Py_tss_tstate` to find the
interpreter frame if we can't get the frame from the
`_PyEval_EvalFrameDefault` call.
(cherry picked from commit 49c3b0a67a77bb42e736cea7dcbc1aa8fa704074)
Co-authored-by: Victor Stinner <vstinner@python.org>
For example, "-u xpickle=2.7" will run test_xpickle only against Python 2.7.
(cherry picked from commit c07e5ec0a9e5843fc39dec6aa94172faf6354858)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Move data classes used in tests to separate file test_picklecommon.py,
so it can be imported in old Python versions.
(cherry picked from commit 8735daf3e82d50defd791e9be7b9ae6843bc4ed1)
(cherry picked from commit ff0a8b72892e94ef6616ed70241d23985f7a5ac4)
Co-authored-by: Ken Jin <kenjin@python.org>
When __length_hint__() returns 0 for non-empty iterator, the data can be
written past the shared 0-terminated buffer, corrupting it.
(cherry picked from commit 522563549a49d28e763635c58274a23a6055f041)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
[3.13] gh-143309: fix UAF in `os.execve` when the environment is concurrently mutated (GH-143314) (#143431)
(cherry picked from commit 9609574e7fd36edfaa8b575558a82cc14e65bfbc)
(cherry picked from commit c99f7667436d8978b4077704333e2a351f2a026f)
gh-140648: Make asyncio REPL respect the `-I` flag (isolated mode) (GH-143045)
(cherry picked from commit e7c542de5f069a4b83e8eded3067613e4d59a529)
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
gh-143200: fix UAFs in `Element.__{set,get}item__` when the element is concurrently mutated (GH-143226)
(cherry picked from commit b6b0e14b3d4aa9e9b89bef9a516177238883e1a7)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-142195: Fixed Popen.communicate indefinite loops (GH-143203)
Changed condition to evaluate if timeout is less than or equals to 0. This is needed for simulated time environments such as Shadow where the time will match exactly on the boundary.
---------
(cherry picked from commit fa9a4254e81c0abcc3345021c45aaf5f788f9ea9)
Co-authored-by: Prithviraj Chaudhuri <p.chaudhuri1993@gmail.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
