gh-143200: fix UAFs in `Element.__{set,get}item__` when the element is concurrently mutated (GH-143226)
(cherry picked from commit b6b0e14b3d)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-140870: Full coverage for _pyrepl._module_completer (GH-143244)
Full coverage for _pyrepl._module_completer
(cherry picked from commit c3febba73b)
Co-authored-by: Loïc Simon <loic.simon@napta.io>
Co-authored-by: Tomas R. <tomas.roun8@gmail.com>
gh-142195: Fixed Popen.communicate indefinite loops (GH-143203)
Changed condition to evaluate if timeout is less than or equals to 0. This is needed for simulated time environments such as Shadow where the time will match exactly on the boundary.
---------
(cherry picked from commit fa9a4254e8)
Co-authored-by: Prithviraj Chaudhuri <p.chaudhuri1993@gmail.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
gh-142557: fix UAF in `bytearray.__mod__` when object is mutated while formatting `%`-style arguments (GH-143213)
(cherry picked from commit 61ee04834b)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-142975: During GC, mark frozen objects with a merged zero refcount for destruction (GH-143156)
(cherry picked from commit 8611f74e08)
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
This happened when the Counter was mutated when incrementing
the value for an existing key.
(cherry picked from commit 86d904588e)
Co-authored-by: kaushal trivedi <155625932+Kaushalt2004@users.noreply.github.com>
The unknown-8bit trick was designed to deal with unknown bytes in an
ASCII message, and it works fine for that. However, I also tried to
extend it to handle bytes that can't be decoded using the charset
specified in an encoded word, and there it fails because there can be
other non-ASCII characters that were *successfully* decoded. The fix is
simple: do the unknown-8bit encoding using the utf-8 codec. This is
especially appropriate since anyone trying to do recovery on an unknown
byte string will probably attempt utf-8 first.
(cherry picked from commit 1e17ccd030)
Co-authored-by: R. David Murray <rdmurray@bitdance.com>
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
Count the number of Element attribute accesses as a proxy for work done.
With double the amount of work, a ratio of 2.0 indicates linear scaling
and 4.0 quadratic scaling. Use 3.2 as an intermediate threshold.
(cherry picked from commit 57937a8e5e)
Co-authored-by: Sam Gross <colesbury@gmail.com>
gh-109263: Start process from spawn context in multiprocessing no longer have side effect (GH-135813)
(cherry picked from commit c2202a7e66)
Co-authored-by: AN Long <aisk@users.noreply.github.com>
gh-143010: Prevent a TOCTOU issue by only calling open once (GH-143011)
RDM: per AZero13's research the 'x' option did not exist when this code was written, This
modernization can thus drop the fd trick in _create_carefully and just use open with 'x' to achieve the same goal more securely.
(cherry picked from commit a88d1b8dab)
Co-authored-by: AZero13 <gfunni234@gmail.com>
Co-authored-by: sobolevn <mail@sobolevn.me>
gh-143046: Make asyncio REPL respect the `-q` flag (quiet mode) (GH-143047)
(cherry picked from commit 6213a512bf)
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
gh-79986: Add parsing for References/In-Reply-To email headers (GH-137201)
This is a followup to 46d88a1131 (GH-13397),
which added parsing for Message-ID. Similar handling is needed for the
other two identification headers.
(cherry picked from commit 79aa43a979)
Co-authored-by: elenril <anton@khirnov.net>
gh-142145: relax the no-longer-quadratic test timing (GH-143030)
* gh-142145: relax the no-longer-quadratic test timing
* require cpu resource
(cherry picked from commit 8d2d7bb2e7)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
gh-142754: Ensure that Element & Attr instances have the ownerDocument attribute (GH-142794)
(cherry picked from commit 1cc7551b3f)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
gh-142560: prevent use-after-free in search-like methods by exporting buffer in bytearray (GH-142938)
(cherry picked from commit 220f0b1077)
Co-authored-by: wangxiaolei <fatelei@gmail.com>
gh-142784: make the asyncio REPL call `loop.close()` at exit (GH-142785)
(cherry picked from commit ddfc155d3a)
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
gh-112127: Fix possible use-after-free in atexit.unregister() (GH-114092)
(cherry picked from commit 2b466c47c3)
Co-authored-by: Benjamin Johnson <ben332004@gmail.com>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-142315: Don't pass the "real path" of Pdb script target to system functions (GH-142371)
* Pick target depending on preconditions
* Clarify the news fragment
* Add test capturing missed expectation.
* Add more idiomatic safe realpath helper
* Restore logic where existance and directoriness are checked on realpath.
* Link GH issue to test.
* Extract a function to check the target. Remove the _safe_realpath, now no longer needed.
* Extract method for replacing sys_path, and isolate realpath usage there.
* Revert "Extract method for replacing sys_path, and isolate realpath usage there."
This reverts commit 855aac3d28.
* Restore _safe_realpath.
---------
(cherry picked from commit d716e3b2dd)
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
Co-authored-by: Jason R. Coombs <jaraco@jaraco.com>
gh-142554: avoid `divmod` crashes due to bad `_pylong.int_divmod` (GH-142673)
(cherry picked from commit 4e4163676a)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
If there are many untracked tuples, the GC will run too often, resulting
in poor performance. The fix is to include untracked tuples in the
"long lived" object count. The number of frozen objects is also now
included since the free-threaded GC must scan those too.
(cherry picked from commit e38967ed60)
gh-142353: Isolate tests from personal GNU Readline init files (GH-142370)
Isolate tests from personal Readline init files using `INPUTRC=/dev/null` trick.
(cherry picked from commit f564654bae)
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-142556: fix crash when a task gets re-registered during finalization in `asyncio` (GH-142565)
(cherry picked from commit 42d2bedb87)
Co-authored-by: Kumar Aditya <kumaraditya@python.org>
GH-139436: Remove PDF and CHM from IDLE HelpSource (GH-140418)
(cherry picked from commit c5825ff4c9)
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
gh-142489: Increase ssl_handshake_timeout in asyncio tests (GH-142523)
Replace SHORT_TIMEOUT with LONG_TIMEOUT for very slow CIs.
And add the HANDSHAKE_TIMEOUT constant.
(cherry picked from commit dc3ece2bc0)
Co-authored-by: Victor Stinner <vstinner@python.org>
For optional arguments with required=True, the ArgumentDefaultsHelpFormatter
would always add a " (default: None)" to the end of the help text.
Since that's a bit misleading, it is removed with this commit.
(cherry picked from commit 1adb17b1a2)
Co-authored-by: Fabian Henze <32638720+henzef@users.noreply.github.com>
Co-authored-by: Ivo Bellin Salarin <nilleb@users.noreply.github.com>
Co-authored-by: Martin Panter <vadmium@users.noreply.github.com>
Co-authored-by: Ivo Bellin Salarin <ivo@nilleb.com>
