gh-135607: remove null checking of weakref list in dealloc of extension modules and objects (#135614)
(cherry picked from commit b1056c2a44)
Co-authored-by: Xuanteng Huang <44627253+xuantengh@users.noreply.github.com>
Co-authored-by: Kumar Aditya <kumaraditya@python.org>
gh-108765: fix comment about macro definitions in `_stat.c` post GH-108854 (GH-136027)
(cherry picked from commit 0141e7f9e6)
Co-authored-by: Lee Dogeon <dev.moreal@gmail.com>
We weren't handling non-positive maxsize values (including the default) properly
in Queue.full(). This change fixes that and adjusts an associated assert.
(cherry picked from commit c5ea8e8, AKA gh-135724)
gh-134160: Use PyModuleDef.m_free in the example module xxlimited (GH-135174)
(cherry picked from commit 1adca08d65)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: neonene <53406459+neonene@users.noreply.github.com>
The `getlogin` function is not thread-safe: replace with `getlogin_r` where
available.
(cherry picked from commit 1ffe913c20)
Co-authored-by: Duane Griffin <duaneg@dghda.com>
random.getrandbits() can now generate more that 2**31 bits.
random.randbytes() can now generate more that 256 MiB.
(cherry picked from commit 68784fed78)
The `textiowrapper_iternext` function called `_textiowrapper_writeflush`, but did not
use a critical section, making it racy in free-threaded builds.
(cherry picked from commit 44fb7c361c)
Co-authored-by: Duane Griffin <duaneg@dghda.com>
OpenSSL and HACL*-based hash functions constructors now support both `data` and `string` parameters.
Previously these constructor functions inconsistently supported sometimes `data` and sometimes `string`,
while the documentation expected `data` to be given in all cases.
(cherry picked from commit c6e63d9d35)
(cherry picked from commit 379d0bc956)
* gh-132876: workaround broken ldexp() on Windows 10
ldexp() fails to round subnormal results before Windows 11,
so hide their bug.
(cherry picked from commit cf8941c603)
Co-authored-by: Tim Peters <tim.peters@gmail.com>
In the C implementation, remove __reduce__ and __reduce_ex__ methods
that always raise TypeError and restore __getstate__ methods that always
raise TypeErrori.
This restores fine details of the pre-3.12 behavior and unifies
both implementations.
(cherry picked from commit e9253ebf74)
The X/Open curses specification[0] and ncurses documentation[1]
both state that subwindows must be deleted before the main window.
Deleting the windows in the wrong order causes a double-free with
NetBSD's curses implementation.
To fix this, keep track of the original window object in the subwindow
object, and keep a reference to the original for the lifetime of
the subwindow.
[0] https://pubs.opengroup.org/onlinepubs/7908799/xcurses/delwin.html
[1] https://invisible-island.net/ncurses/man/curs_window.3x.html
(cherry picked from commit 0af61fe2f4)
Co-authored-by: Michael Forney <mforney@mforney.org>
Co-authored-by: Christian Veenhuis <124370897+ChVeen@users.noreply.github.com>
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Co-authored-by: Tomas R. <tomas.roun8@gmail.com>
gh-130052: Fix search_map_for_section() error handling (GH-132594)
* Don't call close() if the file descriptor is negative.
* If close() fails, chain the existing exception.
(cherry picked from commit 014c7f9047)
Co-authored-by: Victor Stinner <vstinner@python.org>
Now all protocols always accept the Bluetooth address as string and
getsockname() always returns the Bluetooth address as string.
* BTPROTO_SCO now accepts not only bytes, but str.
* BTPROTO_SCO now checks address for embedded null.
* On *BSD, BTPROTO_HCI now accepts str instead of bytes.
* On FreeBSD, getsockname() for BTPROTO_HCI now returns str instead of bytes.
* On NetBSD and DragonFly BSD, BTPROTO_HCI now checks address for embedded null.
(cherry picked from commit 1fc1df8dcc)
GH-132417: ctypes: Fix potential `Py_DECREF(NULL)` when handling functions returning `PyObject *` (GH-132418)
Some functions (such as `PyErr_Occurred`) with a `restype` set to `ctypes.py_object` may return NULL without setting an exception.
(cherry picked from commit 2aab2db146)
Co-authored-by: Nicolas Trangez <ikke@nicolast.be>
gh-132174: Fix function name in error message of `_interpreters.run_string` (GH-132175)
(cherry picked from commit f2daa96c81)
Co-authored-by: sobolevn <mail@sobolevn.me>
Co-authored-by: Brian Schubert <brianm.schubert@gmail.com>
* gh-131809: Upgrade vendored expat to 2.7.1 (GH-132192)
(cherry picked from commit c0de650024)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
* make regen-sbom
---------
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Now all structure members are initialized with zeroes by default.
(cherry picked from commit 345baa77ba)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-111178: Fix getsockaddrarg() undefined behavior (#131668)
Don't pass direct references to sockaddr members since their type may
not match PyArg_ParseTuple() types. Instead, use temporary 'int' and
'unsigned char' variables, and update sockaddr members afterwards.
On FreeBSD, treat BTPROTO_HCI node name as a bytes string,
not as an integer.
(cherry picked from commit 8cd29c2b53)
gh-131936: Strengthen check in `_suggestions._generate_suggestions` (GH-131945)
(cherry picked from commit 511d3440a0)
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
gh-126037: fix UAF in `xml.etree.ElementTree.Element.find*` when concurrent mutations happen (#127964)
We fix a use-after-free in the `find`, `findtext` and `findall` methods of `xml.etree.ElementTree.Element`
objects that can be triggered when the tag to find implements an `__eq__` method that mutates the
element being queried.
(cherry picked from commit c57623c221)
The bin tag is 3.0.16.1 because we rebuilt without uplink support to fix gh-131804.
This PR also prevents making calls that are now unsafe without uplink, and updates
the tests to property interpret these failures as unsupported.
gh-129900: Fix `SystemExit` return codes when the REPL is started from the command line (GH-129901)
(cherry picked from commit 90b82f2b61)
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
gh-131418: remove unused legacy typedefs in `{md5,sha1}module.c` (GH-131420)
- Remove legacy typedefs `MD5_INT32` and `MD5_INT64` in `Modules/md5module.c`
- Remove legacy typedefs `SHA1_INT32` and `SHA1_INT64` in `Modules/sha1module.c`.
Those legacy typedefs were used to detect whether the host platform could
correctly implement MD5 and SHA-1, but this is no longer needed as we now
fallback to HACL* implementations.
(cherry picked from commit a9a399f0ec)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-127667: refactor and improve `_hashopenssl.c` error branches (#131145)
Refactor `_setException()` into different helpers that can be used separately:
- set_ssl_exception_from_errcode(): set an exception from an explicit SSL error code.
- raise_ssl_error(): set an exception from the last SSL error code or use a user-defined message.
- notify_ssl_error_occurred(): same as raise_ssl_error() but with a generic default message.
(cherry-picked from commit ac50ece6ce).
