gh-126037: fix UAF in `xml.etree.ElementTree.Element.find*` when concurrent mutations happen (#127964)
We fix a use-after-free in the `find`, `findtext` and `findall` methods of `xml.etree.ElementTree.Element`
objects that can be triggered when the tag to find implements an `__eq__` method that mutates the
element being queried.
(cherry picked from commit c57623c221)
The bin tag is 3.0.16.1 because we rebuilt without uplink support to fix gh-131804.
This PR also prevents making calls that are now unsafe without uplink, and updates
the tests to properly interpret these failures as unsupported.
gh-129900: Fix `SystemExit` return codes when the REPL is started from the command line (GH-129901)
(cherry picked from commit 90b82f2b61)
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
gh-131418: remove unused legacy typedefs in `{md5,sha1}module.c` (GH-131420)
- Remove legacy typedefs `MD5_INT32` and `MD5_INT64` in `Modules/md5module.c`
- Remove legacy typedefs `SHA1_INT32` and `SHA1_INT64` in `Modules/sha1module.c`.
Those legacy typedefs were used to detect whether the host platform could
correctly implement MD5 and SHA-1, but this is no longer needed as we now
fall back to HACL* implementations.
(cherry picked from commit a9a399f0ec)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-127667: refactor and improve `_hashopenssl.c` error branches (#131145)
Refactor `_setException()` into different helpers that can be used separately:
- set_ssl_exception_from_errcode(): set an exception from an explicit SSL error code.
- raise_ssl_error(): set an exception from the last SSL error code or use a user-defined message.
- notify_ssl_error_occurred(): same as raise_ssl_error() but with a generic default message.
(cherry-picked from commit ac50ece6ce).
(cherry picked from commit 90130807d9)
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
gh-130740: Move some `stdbool.h` includes after `Python.h` (#130738)
Move some `#include <stdbool.h>` after `#include "Python.h"` when `pyconfig.h` is not
included first and when we are in a platform-agnostic context. This is to avoid having
features defined by `stdbool.h` before those decided by `Python.h` (this caused some
build failures when compiling CPython with `zig cc`).
(cherry-picked from commit 214562ed4d)
---------
Co-authored-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
gh-127667: fix memory leaks in `hashlib` (GH-127668)
- Correctly handle `NULL` values returned by `EVP_MD_CTX_md`.
- Correctly free resources in error branches.
- Consistently suppress `_setException()` return value when needed.
- Collapse `_setException() + return NULL` into a single statement.
(cherry-picked from commit 097846502b)
The use of PySys_GetObject() and _PySys_GetAttr(), which return a borrowed
reference, has been replaced by using one of the following functions, which
return a strong reference and distinguish a missing attribute from an error:
_PySys_GetOptionalAttr(), _PySys_GetOptionalAttrString(),
_PySys_GetRequiredAttr(), and _PySys_GetRequiredAttrString().
(cherry picked from commit 0ef4ffeefd)
gh-129838: Don't redefine _Py_NO_SANITIZE_UNDEFINED (GH-129839)
Newer GCC versions accept both __attribute__((no_sanitize("undefined")))
and __attribute__((no_sanitize_undefined)) so check that the macro is
not already defined.
(cherry picked from commit 568db400ff)
Co-authored-by: Collin Funk <collin.funk1@gmail.com>
gh-129983: fix data race in compile_template in sre.c (#130015)
(cherry picked from commit 3cf68cdd3e)
Co-authored-by: Tomasz Pytel <tompytel@gmail.com>
gh-129502: Fix handling errors in ctypes callbacks (GH-129504)
Unlikely errors in preparing arguments for ctypes callback are now
handled in the same way as errors raised in the callback or in converting
the result of the callback -- using sys.unraisablehook() instead of
sys.excepthook() and not setting sys.last_exc and other variables.
(cherry picked from commit 9d63ae5fe5)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-129409: Fix Integer overflow - SEGV while writing data more than 2GB in CSV file (GH-129413)
(cherry picked from commit 97b0ef05d9)
Co-authored-by: Srinivas Reddy Thatiparthy (తాటిపర్తి శ్రీనివాస్ రెడ్డి) <thatiparthysreenivas@gmail.com>
gh-129185: Fix PyTraceMalloc_Untrack() at Python exit (#129191)
Support calling PyTraceMalloc_Track() and PyTraceMalloc_Untrack()
during late Python finalization.
* Call _PyTraceMalloc_Fini() later in Python finalization.
* Test also PyTraceMalloc_Untrack() without the GIL
* PyTraceMalloc_Untrack() now gets the GIL.
* Test also PyTraceMalloc_Untrack() in test_tracemalloc_track_race().
(cherry picked from commit 46c7e13c05)
tracemalloc_alloc(), tracemalloc_realloc(), PyTraceMalloc_Track(),
PyTraceMalloc_Untrack() and _PyTraceMalloc_TraceRef() now check
tracemalloc_config.tracing after calling TABLES_LOCK().
_PyTraceMalloc_Stop() now protects more code with TABLES_LOCK(),
especially setting tracemalloc_config.tracing to 1.
Add a test using PyTraceMalloc_Track() to test tracemalloc.stop()
race condition.
Call _PyTraceMalloc_Init() at Python startup.
gh-58689: Fix os.kill() error handling on Windows (GH-128932)
(cherry picked from commit 939df0f9f6)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-127196: Fix crash in `_interpreters`, when `shared` had invalid encodings (GH-127220)
(cherry picked from commit 087bb48aca)
Co-authored-by: sobolevn <mail@sobolevn.me>
- Add a helper to set an error from locale-encoded `char*`
- Use the helper for gdbm & dlerror messages
(cherry picked from commit 7303f06846)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-127257: ssl: Raise OSError for ERR_LIB_SYS (GH-127361)
From the ERR_raise manpage:
ERR_LIB_SYS
This "library code" indicates that a system error is
being reported. In this case, the reason code given
to `ERR_raise()` and `ERR_raise_data()` *must* be
`errno(3)`.
This PR only handles ERR_LIB_SYS for the high-level error types
SSL_ERROR_SYSCALL and SSL_ERROR_SSL, i.e., not the ones where
OpenSSL indicates it has some more information about the issue.
(cherry picked from commit f4b31edf2d)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
gh-122431: Disallow negative values in `readline.append_history_file` (GH-122469)
(cherry picked from commit 208b0fb645)
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-93312: Include <sys/pidfd.h> to get PIDFD_NONBLOCK (GH-127593)
(cherry picked from commit fcbe6ecdb6)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-126876: Fix socket internal_select() for large timeout (GH-126968)
If the timeout is larger than INT_MAX, replace it with INT_MAX, in
the poll() code path.
Add a unit test.
(cherry picked from commit b3687ad454)
Co-authored-by: Victor Stinner <vstinner@python.org>