On macOS all file descriptors for a particular file in /dev/fd
share the same file offset, that is ``open("/dev/fd/9", "r")`` behaves
more like ``dup(9)`` than a regular open.
This causes problems when a user tries to run "/dev/fd/9" as a script
because zipimport changes the file offset to try to read a zipfile
directory. Therefore change zipimport to reset the file offset after
trying to read the zipfile directory.
(cherry picked from commit d08fb257698e3475d6f69bb808211d39e344e5b2)
Co-authored-by: Ronald Oussoren <ronaldoussoren@mac.com>
* Regen zipimport
---------
Co-authored-by: Ronald Oussoren <ronaldoussoren@mac.com>
Co-authored-by: Shantanu <12621235+hauntsaninja@users.noreply.github.com>
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
The error-handling code in new_interpreter() has been broken for a while. We hadn't noticed because those code mostly doesn't fail. (I noticed while working on gh-101660.) The problem is that we try to clear/delete the newly-created thread/interpreter using itself, which just failed. The solution is to switch back to the calling thread state first.
(cherry picked from commit d1b883b52a99427d234c20e4a92ddfa6a1da8880)
Co-authored-by: Eric Snow <ericsnowcurrently@gmail.com>
https: //github.com/python/cpython/issues/98608
Add thrashcan macros to the deallocator of the filter objects to protect against deeply nested destruction of chains of nested filters.
(cherry picked from commit 66aa78cbe604a7c5731f074b869f92174a8e3b64)
Co-authored-by: Marta Gómez Macías <mgmacias@google.com>
[3.10] GH-102126: fix deadlock at shutdown when clearing thread states (GH-102222).
(cherry picked from commit 5f11478ce7fda826d399530af4c5ca96c592f144)
* [3.10] gh-97786: Fix compiler warnings in pytime.c (GH-101826)
Fixes compiler warnings in pytime.c..
(cherry picked from commit b1b375e2670a58fc37cb4c2629ed73b045159918)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
* Add comment about the casts
---------
Co-authored-by: Gregory P. Smith <greg@krypto.org>
* [3.10] Update copyright years to 2023. (gh-100848).
(cherry picked from commit 11f99323c2ae0ec428c370a335695e3d8d4afc1d)
Co-authored-by: Benjamin Peterson <benjamin@python.org>
* Update additional copyright years to 2023.
Co-authored-by: Ned Deily <nad@python.org>
Fix a reference bug in _imp.create_builtin() after the creation of
the first sub-interpreter for modules "builtins" and "sys".
(cherry picked from commit cb2ef8b2acbb231c207207d3375b2f8b0077a6ee)
Co-authored-by: Victor Stinner <vstinner@python.org>
Fix command line parsing: reject "-X int_max_str_digits" option with
no value (invalid) when the PYTHONINTMAXSTRDIGITS environment
variable is set to a valid limit.
(cherry picked from commit 41351662bcd21672d8ccfa62fe44d72027e6bcf8)
Co-authored-by: Victor Stinner <vstinner@python.org>
At Python exit, sometimes a thread holding the GIL can wait forever
for a thread (usually a daemon thread) which requested to drop the
GIL, whereas the thread already exited. To fix the race condition,
the thread which requested the GIL drop now resets its request before
exiting.
take_gil() now calls RESET_GIL_DROP_REQUEST() before
PyThread_exit_thread() if it called SET_GIL_DROP_REQUEST to fix a
race condition with drop_gil().
Issue discovered and analyzed by Mingliang ZHAO.
(cherry picked from commit 04f4977f508583954ad7b9cb09076ee1e57461f8)
(cherry picked from commit 6ff54716f1073a4bcfed8a1ec0b518c489c1af0d)
Co-authored-by: Victor Stinner <vstinner@python.org>
Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
This backports https://github.com/python/cpython/pull/96499 aka 511ca9452033ef95bc7d7fc404b8161068226002
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
When keyword argument name is an instance of a str subclass with
overloaded methods __eq__ and __hash__, the former code could not find
the name of an extraneous keyword argument to report an error, and
_PyArg_UnpackKeywords() returned success without setting the
corresponding cell in the linearized arguments array. But since the number
of expected initialized cells is determined as the total number of passed
arguments, this lead to reading NULL as a keyword parameter value, that
caused SystemError or crash or other undesired behavior..
(cherry picked from commit ebad53a4dc1bb591820724a22cef9b8459185b5f)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
It returned 1 (success) when warnings are turned into exceptions.
(cherry picked from commit 107c21c5d56682320b38c01b5575c1604a429239)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
It combines PyImport_ImportModule() and PyObject_GetAttrString()
and saves 4-6 lines of code on every use.
Add also _PyImport_GetModuleAttr() which takes Python strings as arguments.
(cherry picked from commit 6fd4c8ec7740523bb81191c013118d9d6959bc9d)
(cherry picked from commit d42b3689f4a14694f5b1ff75c155141102aa2557)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Fix __ltrace__ debug feature if the stdout encoding is not UTF-8.
If the stdout encoding is not UTF-8, the first call to
lltrace_resume_frame() indirectly sets lltrace to 0 when calling
unicode_check_encoding_errors() which calls
encodings.search_function().
Add test_lltrace.test_lltrace() test.
Also while there, clarify a few things about why we reduce the hash to 32 bits.
Co-authored-by: Eli Libman <eli@hyro.ai>
Co-authored-by: Yury Selivanov <yury@edgedb.com>
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
(cherry picked from commit c1f5c903a7e4ed27190488f4e33b00d3c3d952e5)
_Py_closerange() currently assumes that close_range() closes
all file descriptors even if it returns an error (other than ENOSYS).
This assumption can be wrong on Linux if a seccomp sandbox denies
the underlying syscall, pretending that it returns EPERM or EACCES.
In this case _Py_closerange() won't close any descriptors at all,
which in the worst case can be a security issue.
Fix this by falling back to other methods in case of any close_range()
error. Note that fallbacks will not be triggered on any problems with
closing individual file descriptors because close_range() is documented
to ignore such errors on both Linux[1] and FreeBSD[2].
[1] https://man7.org/linux/man-pages/man2/close_range.2.html
[2] https://www.freebsd.org/cgi/man.cgi?query=close_range&sektion=2
(cherry picked from commit 1c8b3b5d66a629258f1db16939b996264a8b9c37)
Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
When an exception is created in a nested call to PyObject_GetAttr, any
external calls will override the context information of the
AttributeError that we have already placed in the most internal call.
This will cause the suggestions we create to nor work properly as the
attribute name and object that we will be using are the incorrect ones.
To avoid this, we need to check first if these attributes are already
set and bail out if that's the case..
(cherry picked from commit 3b3be05a164da43f201e35b6dafbc840993a4d18)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
First introduced in 0332e569c12d3dc97171546c6dc10e42c27de34b
(cherry picked from commit 607d8a838f29ad3c4c4e85b39f338dade5f9cafe)
Co-authored-by: Yury Selivanov <yury@edgedb.com>
(cherry picked from commit 59435eea08d30796174552c0ca03c59b41adf8a5)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
* [3.10] bpo-46009: Do not exhaust generator when send() method raises (GH-29986).
(cherry picked from commit 69806b9516dbe092381f3ef884c7c64bb9b8414a)
Co-authored-by: Mark Shannon <mark@hotpy.org>
* Rename variable after cherry-pick.
* Add NULL check.
If the string is ASCII only and doesn't need to escape characters,
write the whole string with a single write() syscall.
(cherry picked from commit b919d8105c4d77f00509b6d3ab2073f09db640de)
Co-authored-by: Victor Stinner <vstinner@python.org>
