gh-148022: Add threat model to remote debugging docs (GH-148024)
The remote debugging protocol has been generating spurious
vulnerability reports from automated scanners that pattern-match
on "remote access" and "memory operations" without understanding
the privilege model. This section documents the security boundaries
so reporters can self-triage before submitting.
The threat model clarifies three points: attaching requires the
same OS-level privileges as GDB (ptrace, task_for_pid, or
SeDebugPrivilege), crashes caused by reading corrupted target
process memory are not security issues, and a compromised target
process is out of scope. A subsection explains when operators
should use PYTHON_DISABLE_REMOTE_DEBUG for defence-in-depth.
(cherry picked from commit edab6860a7)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
Align the QSBR thread state array to a 64-byte cache line boundary
and add padding at the end of _PyThreadStateImpl. Depending on heap
layout, the QSBR array could end up sharing a cache line with a
thread's tlbc_index, causing QSBR quiescent state updates to contend
with reads of tlbc_index in RESUME_CHECK. This is sensitive to
earlier allocations during interpreter init and can appear or
disappear with seemingly unrelated changes.
Either change alone is sufficient to fix the specific issue, but both
are worthwhile to avoid similar problems in the future.
(cherry picked from commit 6577d870b0)
gh-143050: Correct PyLong_FromString() to use _PyLong_Negate() (GH-145901)
The long_from_string_base() might return a small integer, when the
_pylong.py is used to do conversion. Hence, we must be careful here to
not smash it "small int" bit by using the _PyLong_FlipSign().
(cherry picked from commit db5936c5b8)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-146444: Don't package as part of iOS 'build hosts' target (GH-146628)
* Revert Py3.9 compatibility fixes.
* Only build the package on 'build all'.
(cherry picked from commit 6420847bda)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
gh-146444: Make Platforms/Apple/ compatible with Python 3.9 (GH-146624)
Replace "str | None" with typing.Union[str, None].
(cherry picked from commit 382c04308d)
Co-authored-by: Victor Stinner <vstinner@python.org>
The TypeError in _zstd_set_d_parameters incorrectly referred to
compression options; say decompression options instead.
(cherry picked from commit 4d0e8ee649)
Co-authored-by: cui <cuiweixie@gmail.com>
gh-146556: Fix infinite loop in annotationlib.get_annotations() on circular __wrapped__ (GH-146557)
(cherry picked from commit 2cf6a68f02)
Co-authored-by: Ramin Farajpour Cami <ramin.blackhat@gmail.com>
gh-146004: fix test_args_from_interpreter_flags on windows (GH-146580)
(cherry picked from commit 1af025dd22)
Co-authored-by: Chris Eibl <138194463+chris-eibl@users.noreply.github.com>
Docs: don't rely on implicit 'above' directions in socket docs (GH-146426)
(cherry picked from commit 3ff582238f)
Co-authored-by: Ned Batchelder <ned@nedbatchelder.com>
gh-146004: propagate all -X options to multiprocessing child processes (GH-146005)
Propagate all -X command line options to multiprocessing spawned child Python processes.
(cherry picked from commit 1efe441de7)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
gh-146310: Fix ensurepip to treat empty WHEEL_PKG_DIR as unset (GH-146357)
Path('') resolves to CWD, so an empty WHEEL_PKG_DIR string caused
ensurepip to search the current working directory for wheel files.
Add a truthiness check to treat empty strings the same as None.
(cherry picked from commit 73cc1fd4f4)
Co-authored-by: Imgyu Kim <kimimgo@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-145616: Detect Android sysconfig ABI correctly on 32-bit ARM Android on 64-bit ARM kernel (GH-145617)
When Python is running on 32-bit ARM Android on a 64-bit ARM kernel, `os.uname().machine` is `armv8l`. Such devices run the same userspace code as `armv7l` devices, so apply the same `armeabi_v7a` Android ABI to them, which works.
(cherry picked from commit 3a2b81e919)
Co-authored-by: Robert Kirkman <31490854+robertkirkman@users.noreply.github.com>
gh-146480: Override the exception in _PyErr_SetKeyError() (GH-146486)
If _PyErr_SetKeyError() is called with an exception set, it now
replaces the current exception with KeyError (as expected), instead
of setting a SystemError or failing with a fatal error (in debug
mode).
(cherry picked from commit d4153a9f76)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-146059: Cleanup pickle fast_save_enter() test (GH-146481)
Remove {"key": data}, it's not required to reproduce the bug.
Simplify also deep_nested_struct(): remove the seed parameter.
Fix a typo in a comment.
(cherry picked from commit 0c7a75aeef)
Co-authored-by: Victor Stinner <vstinner@python.org>
Ensure that multi-arch libpython dylibs aren't copied into the app, and the
standard lib is always found for framework post-processing.
(cherry picked from commit 5684b3a04c)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Modifies the iOS build script so that the clean target is more selective about
what is cleaned, the test target has a valid fallback value for ci mode, and the
cross-build directory can be customised.
(cherry picked from commit ca6dfa0f31)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Use uniform standard signature syntax in the tutorial and in
the array and collections modules documentation.
(cherry picked from commit 17070f41d4)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-146059: Call fast_save_leave() in pickle save_frozenset() (GH-146173)
Add more pickle tests: test also nested structures.
(cherry picked from commit 5c0dcb3e0d)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-146318: Document that signal.SIGSTOP is Unix-only (GH-146319)
(cherry picked from commit e44993a665)
Co-authored-by: Jonathan Dung <jonathandung@yahoo.com>
gh-145633: Fix struct.pack('f') on s390x (GH-146422)
Use PyFloat_Pack4() to raise OverflowError.
Add more tests on packing/unpacking floats.
(cherry picked from commit 8de70b31c5)
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
gh-138573: Filter out failing math tests on Solaris (GH-146402)
(cherry picked from commit 8e1469c952)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
gh-146358: Fix warnings.catch_warnings on Free Threading (GH-146374)
catch_warnings now also overrides warnings.showwarning() on Free
Threading to support custom warnings.showwarning().
(cherry picked from commit 0055140b2c)
Co-authored-by: Victor Stinner <vstinner@python.org>
Dynamically allocates the port for the pyrepl browser test, so that multiple
tests can run at the same time. Also allows the pyrepl test to honor the
CROSS_BUILD_DIR environment variable.
(cherry picked from commit 2be147e1e7)
