mirror/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2026-01-27 21:25:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
cpython/Include
History
Sebastian Pipping 0e4cd89781
[3.12] gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (GH-139234) (#139527) 
* [3.12] gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (GH-139234)

Expose the XML Expat 2.7.2 mitigation APIs to disallow use of
disproportional amounts of dynamic memory from within an Expat
parser (see CVE-2025-59375 for instance).

The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:

- `parser.SetAllocTrackerActivationThreshold(threshold)`, and
- `parser.SetAllocTrackerMaximumAmplification(max_factor)`.

(cherry picked from commit f04bea44c37793561d753dd4ca6e7cd658137553)
(cherry picked from commit 68a1778b7721f3fb853cd3aa674f7039c2a4df36)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
2025-12-17 15:58:59 +01:00
..
cpython
[3.12] gh-133767: Fix use-after-free in the unicode-escape decoder with an error handler (GH-129648) (GH-133944) (#134337)
2025-05-25 20:33:22 -07:00
internal
[3.12] gh-131082: Add missing guards for WIN32_LEAN_AND_MEAN (#131044) (#131085)
2025-03-11 11:55:13 +00:00
abstract.h
gh-98586: Add vector call APIs to the Limited API (GH-98587)
2022-10-27 11:45:42 +02:00
bltinmodule.h
boolobject.h
[3.12] gh-106560: Fix redundant declarations in Include/ (#112611) (#112650)
2023-12-03 11:45:32 +00:00
bytearrayobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
bytesobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
ceval.h
gh-87347: Add parenthesis around macro arguments (#93915)
2022-06-20 16:04:52 +02:00
codecs.h
compile.h
[3.12] gh-109596: Ensure repeated rules in the grammar are not allowed and fix incorrect soft keywords (GH-109606). (#109752)
2023-10-02 17:22:07 +02:00
complexobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
datetime.h
gh-87347: Add parenthesis around macro arguments (#93915)
2022-06-20 16:04:52 +02:00
descrobject.h
gh-103509: PEP 697 -- Limited C API for Extending Opaque Types (GH-103511)
2023-05-04 09:56:53 +02:00
dictobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
dynamic_annotations.h
gh-96959: Update HTTP links which are redirected to HTTPS (GH-96961)
2022-09-24 14:38:53 +03:00
enumobject.h
errcode.h
[3.12] gh-107450: Check for overflow in the tokenizer and fix overflow test (GH-110832) (#110931)
2023-10-16 18:59:18 +02:00
exports.h
gh-88267: Avoid DLL exporting functions from static builds on Windows(GH-99888)
2022-12-09 11:16:15 +00:00
fileobject.h
[3.12] gh-77782: Deprecate Py_HasFileSystemDefaultEncoding (GH-106272) (#106274)
2023-06-30 10:21:36 +00:00
fileutils.h
floatobject.h
[3.12] gh-121905: Consistently use "floating-point" instead of "floating point" (GH-121907) (GH-122013)
2024-07-19 09:08:33 +00:00
frameobject.h
genericaliasobject.h
import.h
gh-87347: Add parenthesis around macro arguments (#93915)
2022-06-20 16:04:52 +02:00
interpreteridobject.h
[3.12] gh-101524: Only Use Public C-API in the _xxsubinterpreters Module (gh-105258) (gh-107303)
2023-07-27 13:15:47 -06:00
intrcheck.h
iterobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
listobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
longobject.h
[3.12] gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows 64-bit platforms (GH-117064) (GH-117070)
2024-03-20 16:44:05 +02:00
marshal.h
memoryobject.h
gh-79315: Add Include/cpython/memoryobject.h header (#99723)
2022-11-23 15:44:42 +01:00
methodobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
modsupport.h
[3.12] gh-107226: PyModule_AddObjectRef() should only be in the limited API 3.10 (GH-107227) (GH-107260)
2023-07-25 23:01:18 +03:00
moduleobject.h
[3.12] gh-111698: Restrict Py_mod_multiple_interpreters to 3.12+ Under Py_LIMITED_API (gh-111707) (gh-111787)
2023-11-27 19:42:27 -07:00
object.h
[3.12] gh-116869: Make C API compatible with ISO C90 (GH-116950) (#117011)
2024-03-19 16:06:15 +00:00
objimpl.h
gh-102013: Add PyUnstable_GC_VisitObjects (#102014)
2023-03-14 01:35:54 +00:00
opcode.h
gh-103865: add monitoring support to LOAD_SUPER_ATTR (#103866)
2023-05-16 10:29:00 -06:00
osdefs.h
osmodule.h
patchlevel.h
Post 3.12.12
2025-10-09 13:46:51 +02:00
py_curses.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
pybuffer.h
gh-102500: Implement PEP 688 (#102521)
2023-05-04 07:59:46 -07:00
pycapsule.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
pydtrace.d
pydtrace.h
Fix pydtrace.d path comment in Include/pydtrace.h (#28539)
2022-12-31 22:40:25 +05:30
pyerrors.h
GH-101578: Normalize the current exception (GH-101607)
2023-02-08 09:31:12 +00:00
pyexpat.h
[3.12] gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (GH-139234) (#139527)
2025-12-17 15:58:59 +01:00
pyframe.h
gh-93937, C API: Move PyFrame_GetBack() to Python.h (#93938)
2022-06-19 12:02:33 +02:00
pyhash.h
pylifecycle.h
bpo-43931: Export Python version as API data (GH-25577)
2021-12-09 17:52:05 -08:00
pymacconfig.h
[3.12] gh-110820: Disable test_signal.test_stress_modifying_handlers on macOS (GH-112834)
2023-12-09 15:53:16 +01:00
pymacro.h
[3.12] gh-107249: Implement Py_UNUSED() for MSVC (GH-107250) (#127907)
2024-12-13 11:58:47 +00:00
pymath.h
gh-104263: Rely on Py_NAN and introduce Py_INFINITY (GH-104202)
2023-05-10 17:44:52 +01:00
pymem.h
gh-87347: Add parenthesis around macro arguments (#93915)
2022-06-20 16:04:52 +02:00
pyport.h
[3.12] gh-112536: Define _Py_THREAD_SANITIZER on GCC when TSan is enabled (GH-117702) (#117713)
2024-04-10 14:38:10 +00:00
pystate.h
bpo-45459: C API uses type names rather than structure names (GH-31528)
2022-02-24 17:51:59 +01:00
pystats.h
Remove useless symbol in pystats.h (#101864)
2023-04-09 14:13:21 +05:30
pystrcmp.h
pystrtod.h
bpo-45995: add "z" format specifer to coerce negative 0 to zero (GH-30049)
2022-04-11 15:34:18 +01:00
Python.h
[3.12] gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows 64-bit platforms (GH-117064) (GH-117070)
2024-03-20 16:44:05 +02:00
pythonrun.h
gh-102755: PyErr_DisplayException only in ABI >= 3.12. Tests cover PyErr_Display as well (GH-102849)
2023-03-21 10:36:18 +01:00
pythread.h
bpo-42047: Add native thread ID for DragonFlyBSD (#22714)
2022-05-18 15:10:10 +02:00
pytypedefs.h
bpo-45459: Fix PyModuleDef_Slot type in the limited C API (GH-31668)
2022-03-03 23:06:55 +01:00
rangeobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
README.rst
gh-101101: Unstable C API tier (PEP 689) (GH-101102)
2023-02-28 09:31:01 +01:00
setobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
sliceobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
structmember.h
gh-47146: Soft-deprecate structmember.h, expose its contents via Python.h (GH-99014)
2022-11-22 08:25:43 +01:00
structseq.h
gh-87347: Add parenthesis around macro arguments (#93915)
2022-06-20 16:04:52 +02:00
sysmodule.h
gh-103295: expose API for writing perf map files (#103546)
2023-05-21 11:12:24 +01:00
traceback.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
tracemalloc.h
[3.12] gh-128679: Fix tracemalloc.stop() race conditions (#128897) (#129022)
2025-01-19 13:24:14 +00:00
tupleobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00
typeslots.h
bpo-45459: Add Py_buffer to limited API (GH-29991)
2022-02-02 07:03:10 -08:00
unicodeobject.h
Fix typo in "expected" word in few source files (#104034)
2023-05-01 09:45:50 -06:00
warnings.h
weakrefobject.h
gh-87347: Add parenthesis around PyXXX_Check() arguments (#92815)
2022-06-16 13:49:43 +02:00

README.rst 

The Python C API
================

The C API is divided into these sections:

1. ``Include/``: Limited API
2. ``Include/cpython/``: CPython implementation details
3. ``Include/cpython/``, names with the ``PyUnstable_`` prefix: API that can
   change between minor releases
4. ``Include/internal/``, and any name with ``_`` prefix: The internal API

Information on changing the C API is available `in the developer guide`_

.. _in the developer guide: https://devguide.python.org/c-api/