Use ZipFile.extractall() to sanitize file names and extract files.
Files with invalid names (e.g. absolute paths) are now skipped.
Files containing ".." in the name are no longer skipped.
(cherry picked from commit fc829e8875)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Neil Schemenauer <nas@arctrix.com>
Co-authored-by: Sergey Miryanov <sergey.miryanov@gmail.com>
Co-authored-by: Zanie Blue <contact@zanie.dev>
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
Co-authored-by: Neil Schemenauer <nas-github@arctrix.com>
gh-141473: Speed up subprocess test_communicate_timeout_large_input long tail (GH-149003)
gh-141473: Speed up test_communicate_timeout_large_input
Replace the slow reader's 30s sleep with a parent-driven wake over a
loopback socket so post-timeout communicate() doesn't block waiting
for the child to wake on its own. Worst-case runtime: ~30s -> <1s.
(cherry picked from commit e1384cfd25)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
gh-148947: dataclasses: fix error on empty __class__ cell (GH-148948)
Also add a test demonstrating the need for the existing "is oldcls" check.
(cherry picked from commit 6d7bbee1d5)
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
Co-authored-by: Bartosz Sławecki <bartosz@ilikepython.com>
gh-148973: fix segfault on mismatch between consts size and oparg in compiler (GH-148974)
(cherry picked from commit c650b51c32)
Co-authored-by: Irit Katriel <1055913+iritkatriel@users.noreply.github.com>
Avoid racing with the owning thread's refcount operations when
immortalizing an interned string: if we don't own it and its refcount
isn't merged, intern a copy we own instead. Use atomic stores in
_Py_SetImmortalUntracked so concurrent atomic reads are race-free.
(cherry picked from commit 4629c2215a)
Forbid marshalling recursive code and slice objects which
cannot be correctly unmarshalled.
Add multiple tests for recursive data structures.
(cherry picked from commit 2e37d83641)
gh-137814: [3.14] Fix __qualname__ of __annotate__ functions in the interpreter
I'd still like to do #137842 on 3.15+, but that requires changing bytecode and we can't
really afford to do that in 3.14. So to fix this in 3.14, let's patch things up in the
ceval loop instead.
This is safe because the compiler only sets __annotate__ to just-created dedicated
annotate functions.
gh-137335: remove a mktemp use in multiprocessing.connection to avoid security scanner noise (GH-148578)
remove a mktemp use to avoid security scanner noise
(cherry picked from commit fd81246bd5)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
The Generator._make_boundary regex did not match on boundary phrases correctly when using CRLF line endings due to re.MULTILINE not considering \r\n as a line ending.
(cherry picked from commit 4af46b4ab5)
Co-authored-by: Henry Jones <44321887+henryivesjones@users.noreply.github.com>
Adds handling for a test case seen in the iOS SSL tests where an SSL connection fails to
handshake correctly.
(cherry picked from commit c40e8b016a)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
gh-146139: Disable `socketpair` authentication on WASI (GH-146140)
Calling `connect(2)` on a non-blocking socket on WASI may leave the socket in a
"connecting" but not yet "connected" state. In the former case, calling
`getpeername(2)` on it will fail, leading to an unhandled exception in Python.
(cherry picked from commit a5b76d53bb)
Co-authored-by: Joel Dice <joel.dice@akamai.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Brett Cannon <brett@python.org>
tests: use errno.EBADF instead of hardcoded number in _close_file() (GH-148345)
test_interpreters: use errno.EBADF instead of hardcoded number in _close_file()
Replace the hardcoded `9` check in `Lib/test/test_interpreters/utils.py` with `errno.EBADF`.
Using `errno.EBADF` makes the helper portable across platforms with different errno numbering while preserving the intended behavior.
(cherry picked from commit cef334fd4c)
Co-authored-by: Artem Yarulin <artem.yarulin@kapteko.com>
gh-146313: Fix multiprocessing ResourceTracker deadlock after os.fork() (GH-146316)
`ResourceTracker.__del__` (added in gh-88887 circa Python 3.12) calls
os.waitpid(pid, 0) which blocks indefinitely if a process created via os.fork()
still holds the tracker pipe's write end. The tracker never sees EOF, never
exits, and the parent hangs at interpreter shutdown.
Fix with two layers:
- **At-fork handler.** An os.register_at_fork(after_in_child=...)
handler closes the inherited pipe fd in the child unless a preserve
flag is set. popen_fork.Popen._launch() sets the flag before its
fork so mp.Process(fork) children keep the fd and reuse the parent's
tracker (preserving gh-80849). Raw os.fork() children close the fd,
letting the parent reap promptly.
- **Timeout safety-net.** _stop_locked() gains a wait_timeout
parameter. When called from `__del__`, it polls with WNOHANG using
exponential backoff for up to 1 second instead of blocking
indefinitely. The at-fork handler makes this unreachable in
well-behaved paths; it remains for abnormal shutdowns.
(cherry picked from commit 3a7df632c9)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Co-authored-by: Itamar Oren <itamarost@gmail.com>
Fixes data races between dict mutation and watch/unwatch on the same dict.
(cherry picked from commit 3ab94d6842)
Co-authored-by: Sam Gross <colesbury@gmail.com>
gh-146333: Fix quadratic regex backtracking in configparser option parsing (GH-146399)
Use negative lookahead in option regex to prevent backtracking, and to avoid changing logic outside the regexes (since people could use the regex directly).
(cherry picked from commit 7e0a0be409)
Co-authored-by: Joshua Swanson <22283299+joshuaswanson@users.noreply.github.com>
gh-145105: Fix crash in csv.reader with re-entrant iterator (GH-145106)
When a custom iterator calls next() on the same csv.reader from
within __next__, the inner iteration sets self->fields to NULL.
The outer iteration then crashes in parse_save_field() by passing
NULL to PyList_Append.
Add a guard after PyIter_Next() to detect that fields was set to
NULL by a re-entrant call, and raise csv.Error instead of crashing.
(cherry picked from commit 20994b1809)
Co-authored-by: Ramin Farajpour Cami <ramin.blackhat@gmail.com>
decoded[:-1] only strips one character, leaving a stray \r when eol
is two characters. Fix: decoded[:-len(eol)].
(cherry picked from commit 1a0edb1fa8)
Co-authored-by: Stefan Zetzsche <120379523+stefanzetzsche@users.noreply.github.com>
Original patch by gigaplastik, extended with a few more tests.
Addresses gh-70039 and bpo-25852: failure of starttls if connect is called explicitly.
(cherry picked from commit 442f83a5ea)
Co-authored-by: nmartensen <nis.martensen@web.de>
Avoid embedding the parent's sys.argv into the forkserver -c command
string via repr(). When sys.argv is large (e.g. thousands of file
paths from a pre-commit hook), the resulting single argument could
exceed the OS per-argument length limit (MAX_ARG_STRLEN on Linux,
typically 128 KiB), causing posix_spawn to fail and the parent to
observe a BrokenPipeError.
Instead, append the argv entries as separate command-line arguments
after -c; the forkserver child reads them back as sys.argv[1:]. This
cannot exceed any limit the parent itself did not already satisfy.
Regression introduced by gh-143706 / 298d5440eb.
(cherry picked from commit 5e9d90b615)
gh-143394: Skip pyrepl test_no_newline() basic REPL if readline is missing (GH-147973)
(cherry picked from commit 97babb8ef7)
Co-authored-by: Victor Stinner <vstinner@python.org>
Allows building the Android testbed for 32-bit targets, adding the target triplets
`arm-linux-androideabi` and `i686-linux-android`.
(cherry picked from commit 848bbe9ff2)
Co-authored-by: Robert Kirkman <31490854+robertkirkman@users.noreply.github.com>
Co-authored-by: Malcolm Smith <smith@chaquo.com>
gh-143050: Correct PyLong_FromString() to use _PyLong_Negate() (GH-145901)
The long_from_string_base() might return a small integer, when the
_pylong.py is used to do conversion. Hence, we must be careful here to
not smash it "small int" bit by using the _PyLong_FlipSign().
(cherry picked from commit db5936c5b8)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-146556: Fix infinite loop in annotationlib.get_annotations() on circular __wrapped__ (GH-146557)
(cherry picked from commit 2cf6a68f02)
Co-authored-by: Ramin Farajpour Cami <ramin.blackhat@gmail.com>
