gh-144833: Fix use-after-free in SSL module when SSL_new() fails (GH-144843)
In newPySSLSocket(), when SSL_new() returns NULL, Py_DECREF(self)
was called before _setSSLError(get_state_ctx(self), ...), causing
a use-after-free. Additionally, get_state_ctx() was called with
self (PySSLSocket*) instead of sslctx (PySSLContext*), which is
a type confusion bug.
Fix by calling _setSSLError() before Py_DECREF() and using
sslctx instead of self for get_state_ctx().
(cherry picked from commit c91638ca06)
Co-authored-by: Ramin Farajpour Cami <ramin.blackhat@gmail.com>
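The error-path ordering described in the commit above, as an added example that is not code from CPython or the commit. The types, `fake_ssl_new()`, `set_error()` and the counters are hypothetical stand-ins for the roles the message names (`PySSLSocket`, `PySSLContext`, `SSL_new()`, `_setSSLError()`).

```c
#include <stdlib.h>

/* Hypothetical miniature types; they only mirror the roles named in the commit. */
typedef struct { int last_error; } mod_state;
typedef struct { int refcnt; mod_state *state; } ctx_obj;          /* role of PySSLContext */
typedef struct { int refcnt; ctx_obj *ctx; void *ssl; } sock_obj;  /* role of PySSLSocket */

int live_socks = 0;         /* constructed counter to observe deallocation */
int fail_next_ssl_new = 0;  /* fault injection standing in for SSL_new() == NULL */

static void *fake_ssl_new(void) {
    if (fail_next_ssl_new) { fail_next_ssl_new = 0; return NULL; }
    return malloc(1);
}

static void set_error(mod_state *st, int code) { st->last_error = code; }

static void sock_decref(sock_obj *s) {
    if (--s->refcnt > 0) return;
    free(s->ssl);
    s->ctx->refcnt--;       /* the socket owned one reference to its context */
    live_socks--;
    free(s);                /* every field of *s is invalid from here on */
}

sock_obj *new_sock(ctx_obj *sslctx) {
    sock_obj *self = calloc(1, sizeof *self);
    if (self == NULL) return NULL;
    self->refcnt = 1; self->ctx = sslctx;
    sslctx->refcnt++; live_socks++;
    self->ssl = fake_ssl_new();
    if (self->ssl == NULL) {
        /* Buggy order per the commit: drop self, then read state through self.
           Fixed order: record the error via sslctx (caller-owned), then drop self. */
        set_error(sslctx->state, 1);
        sock_decref(self);
        return NULL;
    }
    return self;
}

int demo_failure_path(void) {
    mod_state st = {0};
    ctx_obj ctx = {1, &st};
    fail_next_ssl_new = 1;
    sock_obj *s = new_sock(&ctx);
    return s == NULL && st.last_error == 1 && ctx.refcnt == 1 && live_socks == 0;
}
```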
gh-144759: Fix undefined behavior from NULL pointer arithmetic in lexer (GH-144788)
Guard against NULL pointer arithmetic in `_PyLexer_remember_fstring_buffers`
and `_PyLexer_restore_fstring_buffers`. When `start` or `multi_line_start`
are NULL (uninitialized in tok_mode_stack[0]), performing `NULL - tok->buf`
is undefined behavior. Add explicit NULL checks to store -1 as sentinel
and restore NULL accordingly.
Add test_lexer_buffer_realloc_with_null_start to test_repl.py that
exercises the code path where the lexer buffer is reallocated while
tok_mode_stack[0] has NULL start/multi_line_start pointers. This
triggers _PyLexer_remember_fstring_buffers and verifies the NULL
checks prevent undefined behavior.
(cherry picked from commit e6110efd03)
Co-authored-by: Ramin Farajpour Cami <ramin.blackhat@gmail.com>
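The sentinel scheme described in the commit above, as an added example that is not code from CPython or the commit. The structs and function names are hypothetical reductions of the tokenizer state; only the field names `start` and `multi_line_start` and the -1 sentinel come from the message.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, reduced tokenizer state; field names follow the commit message. */
typedef struct {
    const char *start;             /* NULL when never initialised (stack entry 0) */
    const char *multi_line_start;
    ptrdiff_t start_offset;        /* -1 is the sentinel for "pointer was NULL" */
    ptrdiff_t multi_line_start_offset;
} tok_mode;
typedef struct { char *buf; tok_mode mode; } tok_state;

/* Convert pointers into buf to offsets; never compute NULL - buf. */
static void remember_buffers(tok_state *tok) {
    tok_mode *m = &tok->mode;
    m->start_offset = m->start == NULL ? -1 : m->start - tok->buf;
    m->multi_line_start_offset =
        m->multi_line_start == NULL ? -1 : m->multi_line_start - tok->buf;
}

/* Rebuild pointers against the (possibly moved) buf; the sentinel maps back to NULL. */
static void restore_buffers(tok_state *tok) {
    tok_mode *m = &tok->mode;
    m->start = m->start_offset < 0 ? NULL : tok->buf + m->start_offset;
    m->multi_line_start = m->multi_line_start_offset < 0
        ? NULL : tok->buf + m->multi_line_start_offset;
}

int grow_buffer(tok_state *tok, size_t newsize) {
    remember_buffers(tok);
    char *newbuf = realloc(tok->buf, newsize);
    if (newbuf == NULL) return -1;
    tok->buf = newbuf;
    restore_buffers(tok);
    return 0;
}

/* Constructed scenario: start is NULL, multi_line_start points at buf + 4. */
int demo_realloc_with_null_start(void) {
    tok_state tok = { malloc(8), { NULL, NULL, 0, 0 } };
    if (tok.buf == NULL) return 0;
    memcpy(tok.buf, "f'{x}'\n", 8);
    tok.mode.multi_line_start = tok.buf + 4;
    int ok = grow_buffer(&tok, 1 << 16) == 0 && tok.mode.start == NULL
        && tok.mode.multi_line_start == tok.buf + 4 && tok.buf[4] == '}';
    free(tok.buf);
    return ok;
}
```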
[3.14] gh-144551: Update CI to use latest OpenSSL versions
Also update _ssl_data_35.h to include an added symbol from 3.5.5.
(cherry picked from commit b933ef9261)
gh-144787: [tests] Allow TLS v1.2 to be minimum version (GH-144790)
Allow TLS v1.2 to be minimum version
Updates test_min_max_version to allow TLS v1.2 to be minimum version if
TLS 1.0 and 1.1 are disabled in OpenSSL.
(cherry picked from commit d625f7da33)
Co-authored-by: Colin McAllister <colinmca242@gmail.com>
* gh-141563: Enable test_cppext internal C API tests on macOS (#144711)
Build the C API in C++11 mode on macOS.
(cherry picked from commit c6e418d174)
* gh-135906: Test more internal headers in test_cext/test_cppext (#144751)
(cherry picked from commit b488f338cf)
gh-144706: Warn against using synchronization primitives within signal handlers (GH-144736)
(cherry picked from commit 945bf8ce1b)
Co-authored-by: Robsdedude <dev@rouvenbauer.de>
Lookup for CJK ideograms and Hangul syllables is now case-insensitive,
as is the case for other character names.
(cherry picked from commit e66f4a5a9c)
Co-authored-by: James <snoopjedi@gmail.com>
This was causing ucd_3_2_0.numeric() to pick up only decimal
changes between Unicode 3.2.0 and the current version.
(cherry picked from commit 3e0322ff16)
Co-authored-by: William Meehan <wmeehan@fb.com>
gh-142518: Define lock-free and per-object lock (GH-144548)
- Add definitions of lock-free and per-object lock to the glossary
- Cross-reference these from list thread safety notes
- Change admonition to rubric
(cherry picked from commit 12dbae4c02)
Co-authored-by: Lysandros Nikolaou <lisandrosnik@gmail.com>
gh-143650: Fix importlib race condition on import failure (GH-143651)
Fix a race condition where a thread could receive a partially-initialized
module when another thread's import fails. The race occurs when:
1. Thread 1 starts importing, adds module to sys.modules
2. Thread 2 sees the module in sys.modules via the fast path
3. Thread 1's import fails, removes module from sys.modules
4. Thread 2 returns a stale module reference not in sys.modules
The fix adds verification after the "skip lock" optimization in both Python
and C code paths to check if the module is still in sys.modules. If the
module was removed (due to import failure), we retry the import so the
caller receives the actual exception from the import failure rather than
a stale module reference.
(cherry picked from commit ac8b5b6890)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
gh-144629: Add test for the PyFunction_GetAnnotations() function (GH-144630)
(cherry picked from commit cc81707e40)
Co-authored-by: Nybblista <170842536+nybblista@users.noreply.github.com>
gh-144652: Support Windows exit status in support get_signal_name() (GH-144653)
Format Windows exit status as hexadecimal.
(cherry picked from commit b121dc4347)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-134179: Use sys._clear_internal_caches() at test_cmd_line (GH-134180)
Use sys._clear_internal_caches() instead of deprecated sys._clear_type_cache() at test_cmd_line.
(cherry picked from commit dd2da42ea4)
Co-authored-by: alexey semenyuk <alexsemenyuk88@gmail.com>
(cherry picked from commit d5cb9f6a9b)
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Co-authored-by: Petr Viktorin <encukou@gmail.com>
For `enum.bin`, update versionadded directive from 3.10 to 3.11 (GH-144574)
(cherry picked from commit d73634935c)
Co-authored-by: Guo Ci <zguoci@gmail.com>
gh-143700: document `secrets.DEFAULT_ENTROPY` as an opaque value (GH-144568)
(cherry picked from commit 934997218e)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-142044: Add note to prefer `asyncio.timeout[_at]` over `asyncio.Timeout` (GH-144449)
(cherry picked from commit 0e7c06a858)
Co-authored-by: kovan <xaum.io@gmail.com>
gh-140490: Document changes for `PurePath.stem` in Python 3.14 (GH-144450)
(cherry picked from commit 16efaa225c)
Co-authored-by: kovan <xaum.io@gmail.com>
Fix thread-safety issues when accessing frame attributes while another
thread is executing the frame:
- Add critical section to frame_repr() to prevent races when accessing
the frame's code object and line number
- Add _Py_NO_SANITIZE_THREAD to PyUnstable_InterpreterFrame_GetLasti()
to allow intentional racy reads of instr_ptr.
- Fix take_ownership() to not write to the original frame's f_executable
(cherry picked from commit 5bb3bbb9c6)
Co-authored-by: Sam Gross <colesbury@gmail.com>
- Group the macros
- Roughly order them to put the most important ones first
- Add expansions where it makes sense; especially if there's
an equivalent in modern C or a common compiler
(cherry picked from commit f85e1170d2)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
gh-144330: Initialize classmethod and staticmethod in new
Initialize cm_callable and sm_callable to None in classmethod and
staticmethod constructor.
Co-authored-by: Aniket Singh Yadav <singhyadavaniket43@gmail.com>
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
* gh-140414: add fastpath for current running loop in `asyncio.all_tasks` (GH-140542)
Optimize `asyncio.all_tasks()` for the common case where the event loop is running in the current thread by avoiding stop-the-world pauses and locking.
This optimization is already present for `asyncio.current_task()` so we do the same for `asyncio.all_tasks()`.
(cherry picked from commit 95e5d59630)
Co-authored-by: Kumar Aditya <kumaraditya@python.org>