gh-143200: fix UAFs in `Element.__{set,get}item__` when the element is concurrently mutated (GH-143226)
(cherry picked from commit b6b0e14b3d)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-142195: Fixed Popen.communicate indefinite loops (GH-143203)
Changed condition to evaluate if timeout is less than or equals to 0. This is needed for simulated time environments such as Shadow where the time will match exactly on the boundary.
---------
(cherry picked from commit fa9a4254e8)
Co-authored-by: Prithviraj Chaudhuri <p.chaudhuri1993@gmail.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
The result tuple was leaked if __ctypes_from_outparam__() failed for any item.
(cherry picked from commit 579c5b496b)
Signed-off-by: Yongtao Huang <yongtaoh2022@gmail.com>
Co-authored-by: Yongtao Huang <yongtaoh2022@gmail.com>
This happened when the Counter was mutated when incrementing
the value for an existing key.
(cherry picked from commit 86d904588e)
Co-authored-by: kaushal trivedi <155625932+Kaushalt2004@users.noreply.github.com>
The unknown-8bit trick was designed to deal with unknown bytes in an
ASCII message, and it works fine for that. However, I also tried to
extend it to handle bytes that can't be decoded using the charset
specified in an encoded word, and there it fails because there can be
other non-ASCII characters that were *successfully* decoded. The fix is
simple: do the unknown-8bit encoding using the utf-8 codec. This is
especially appropriate since anyone trying to do recovery on an unknown
byte string will probably attempt utf-8 first.
(cherry picked from commit 1e17ccd030)
Co-authored-by: R. David Murray <rdmurray@bitdance.com>
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
gh-109263: Start process from spawn context in multiprocessing no longer have side effect (GH-135813)
(cherry picked from commit c2202a7e66)
Co-authored-by: AN Long <aisk@users.noreply.github.com>
gh-122431: Correct the non-negative error message in `readline.append_history_file` (GH-143075)
"positive" -> "non-negative", since zero is included.
(cherry picked from commit a273bc99d2)
Co-authored-by: Zheng Yu <dataisland@outlook.com>
gh-143010: Prevent a TOCTOU issue by only calling open once (GH-143011)
RDM: per AZero13's research the 'x' option did not exist when this code was written, This
modernization can thus drop the fd trick in _create_carefully and just use open with 'x' to achieve the same goal more securely.
(cherry picked from commit a88d1b8dab)
Co-authored-by: AZero13 <gfunni234@gmail.com>
Co-authored-by: sobolevn <mail@sobolevn.me>
gh-143046: Make asyncio REPL respect the `-q` flag (quiet mode) (GH-143047)
(cherry picked from commit 6213a512bf)
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
gh-79986: Add parsing for References/In-Reply-To email headers (GH-137201)
This is a followup to 46d88a1131 (GH-13397),
which added parsing for Message-ID. Similar handling is needed for the
other two identification headers.
(cherry picked from commit 79aa43a979)
Co-authored-by: elenril <anton@khirnov.net>
gh-142754: Ensure that Element & Attr instances have the ownerDocument attribute (GH-142794)
(cherry picked from commit 1cc7551b3f)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
gh-142784: make the asyncio REPL call `loop.close()` at exit (GH-142785)
(cherry picked from commit ddfc155d3a)
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
gh-142315: Don't pass the "real path" of Pdb script target to system functions (GH-142371
---------
(cherry picked from commit d716e3b2dd)
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
Co-authored-by: Jason R. Coombs <jaraco@jaraco.com>
gh-142454: Make the JIT digest more deterministic by sorting the files in Tools/jit (GH-142455)
(cherry picked from commit bcf90de8ba)
Co-authored-by: Miro Hrončok <miro@hroncok.cz>
Co-authored-by: Ken Jin <kenjin4096@gmail.com>
For optional arguments with required=True, the ArgumentDefaultsHelpFormatter
would always add a " (default: None)" to the end of the help text.
Since that's a bit misleading, it is removed with this commit.
(cherry picked from commit 1adb17b1a2)
Co-authored-by: Fabian Henze <32638720+henzef@users.noreply.github.com>
On m68k, an fmove instruction accessing %fpcr may only move from
or to a data register or a memory operand. The constraint "g" also
permits the use of address registers, which is invalid. The correct
constraint is "dm". Beginning with GCC 15, the register allocator
picks an address register in the code which causes SIGILL during
runtime.
(cherry picked from commit 02c085d48b)
Co-authored-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Co-authored-by: Michael Karcher <github@mkarcher.dialup.fu-berlin.de>
Co-authored-by: Ivo Bellin Salarin <nilleb@users.noreply.github.com>
Co-authored-by: Martin Panter <vadmium@users.noreply.github.com>
Co-authored-by: Ivo Bellin Salarin <ivo@nilleb.com>
gh-142006: Fix HeaderWriteError in email.policy.default caused by extra newline (GH-142008)
RDM: This fixes a subtle folding error that showed up when a token exactly filled a line and was followed by whitespace and a token with no folding whitespace that was longer than a line. In this particular circumstance the whitespace after the first token got pushed on to the next line, and then stolen to go in front of the next unfoldable token...leaving a completely empty line in the line buffer. That line got turned in to a newline, which is RFC illegal, and the newish security check caught it. The fix is to just delete that empty line from the buffer.
(cherry picked from commit 07eff899d8)
Co-authored-by: Paresh Joshi <rahulj9223@gmail.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
