gh-140120: Refresh HACL* to fix an hmac memory leak (GH-140188)
This pulls an updated version of HACL* that fixes the memory leak reported in GH-140120, via an upstream fix.
(cherry picked from commit 3a81313019)
Co-authored-by: Jonathan Protzenko <jonathan.protzenko+github@gmail.com>
The previous `Py_REFCNT(x) == 1` checks can have data races in the free
threaded build. `_PyObject_IsUniquelyReferenced(x)` is a more conservative
check that is safe in the free threaded build and is identical to
`Py_REFCNT(x) == 1` in the default GIL-enabled build.
(cherry picked from commit 32c264982e)
Co-authored-by: Sergey Miryanov <sergey.miryanov@gmail.com>
* [3.14] gh-102431: Clarify constraints on operands of Decimal logical operations (GH-102836)
Sync C/Python implementation of the decimal: logical_ops for contexts.
(cherry picked from commit 6ecf77dbde)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
* [3.14] gh-139894: fix incorrect sharing of current task while forking in `asyncio` (GH-139897)
Fix incorrect sharing of current task with the forked child process by clearing thread state's current task and current loop in `PyOS_AfterFork_Child`.
(cherry picked from commit b881df47ff)
Co-authored-by: Kumar Aditya <kumaraditya@python.org>
* Update Lib/test/test_asyncio/test_unix_events.py
* [3.14] gh-139748: fix leaks in AC error paths when using unicode FS-based converters (GH-139765)
(cherry picked from commit b04a57deef)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
It should interpret the result of wcsxfrm() as a sequence of abstract
integers, not a sequence of Unicode code points or using other encoding
scheme that does not preserve ordering.
(cherry picked from commit 482fd0c811)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Handle ECANCELED in the same way as EINTR to work around the Posix
violation in the NetBSD's implementation.
(cherry picked from commit 07d0b95b05)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
The csv.register_dialect() docstring no longer imply that it returns a dialect.
All functions have now signatures.
(cherry picked from commit aa1dbd4dde)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: maurycy <5383+maurycy@users.noreply.github.com>
On some macOS versions there was an off-by-one error in wcsxfrm() which
caused writing past the end of the array if its size was not calculated
by running wcsxfrm() first.
(cherry picked from commit 5854cf38a2)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Ronald Oussoren <ronaldoussoren@mac.com>
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Passing a negative or zero size to `cursor.fetchmany()` made it fetch all rows
instead of none.
While this could be considered a security vulnerability, it was decided to treat
this issue as a regular bug as passing a non-sanitized *size* value in the first
place is not recommended.
(cherry picked from commit bc172ee830)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Co-authored-by: Petr Viktorin <encukou@gmail.com>
gh-138004: Fix setting a thread name on OpenIndiana (GH-138017)
Encode Solaris/Illumos thread names to ASCII, since
OpenIndiana does not support non-ASCII names.
Add tests for setting non-ASCII name for the main thread.
(cherry picked from commit c19db1d2b8)
Co-authored-by: jadonduff <jadon_duff@icloud.com>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* [3.14] gh-134698: Hold a lock when the thread state is detached in `ssl` (GH-134724)
Lock when the thread state is detached.
(cherry picked from commit e047a35b23)
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
* Only lock the SSL context, not the SSL socket.
This solves a deadlock when a socket is blocked while waiting on data,
which ended up causing a major regression in 3.13.6 (see gh-137583).
---------
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
gh-137044: Support large limit values in getrlimit() and setrlimit() (GH-137338)
* Return large limit values as positive integers instead of negative integers
in resource.getrlimit().
* Accept large values and reject negative values (except RLIM_INFINITY)
for limits in resource.setrlimit().
(cherry picked from commit baefaa6cba)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-137273: Fix debug assertion failure in locale.setlocale() on Windows (GH-137300)
It happened when there were at least 16 characters after dot in the
locale name.
(cherry picked from commit 718e0c89ba)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-138779: Use the dev_t converter for st_rdev (GH-138780)
This allows to support device numbers larger than 2**63-1.
(cherry picked from commit 43013f72f0)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
fix comment reference from man 7 signal to man 7 signal-safety (GH-138554)
(cherry picked from commit 2f5ace780b)
docs: fix comment reference from man 7 signal to man 7 signal-safety
Co-authored-by: mqudah <mohghq@gmail.com>
Call backtrace() once when installing the signal handler to ensure that
libgcc is dynamically loaded outside the signal handler.
This fixes a "signal-unsafe call inside of a signal" TSan error from
test_faulthandler.test_enable_fd.
(cherry picked from commit 11a8652e25)
Co-authored-by: Sam Gross <colesbury@gmail.com>
A runtime check is needed to support cross-compiling.
Remove the _Py_NORMALIZE_CENTURY macro.
Remove _pydatetime.py's _can_support_c99.
(cherry picked from commit 719e5c3f71)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-126662: naming consistency for `signal.ItimerError` (GH-126712)
(cherry picked from commit d5fa437dfb)
Co-authored-by: Stephen Morton <git@tungol.org>
gh-138659: Typo in the gc module docstring (GH-138660)
docs(gc): fix typo in get_threshold() docstring
Removes a duplicate "the" from the docstring for the `gc.get_threshold()` function.
(cherry picked from commit c006a623e7)
Co-authored-by: Aalaap Dey <65075436+axdeyy@users.noreply.github.com>
* Add OpenSSL 3.5.2 definitions to Modules/_ssl_data_35.h (moved from Modules/_ssl_data_34.h)
* Demote OpenSSL 3.1 to "old", remove it from CI
* Update all OpenSSL versions to latest patchlevel in CI config and multissltests defaults
* Add OpenSSL 3.5.2 to CI configuration and multissltests default list
* Fix a typo in the argument parser description of multissltests.py
(cherry picked from commit 7a703c8f19)
