Fix error in assertion which causes failure if pos is equal to PY_SSIZE_T_MAX.
Fix undefined behavior in read() and readinto() if pos is larger that the size
of the underlying buffer.
(cherry picked from commit 7d54374f9c)
gh-132657: add regression test for `PySet_Contains` with unhashable type (GH-141411)
(cherry picked from commit 2ac738d325)
Co-authored-by: M Bussonnier <bussonniermatthias@gmail.com>
Previously, socket.if_nametoindex() and socket.if_indextoname() could raise
an `OSError` with a `None` errno. Now, the errno from libc is propagated.
(cherry picked from commit 3ce2d57b2f)
* Refer to bytes objects or bytes-like objects instead of strings.
* Remove backticks -- they do not have effect on formatting.
* Re-wrap lines to ensure the pydoc output fits in 80 columns.
(cherry picked from commit 610377056b)
(cherry picked from commit 1a080199af)
Fix a compiler warning in _randommodule.c (GH-141058)
The test just before the cast ensures that the cast cannot overflow.
Fix the warning on 32-bit Windows:
Modules\_randommodule.c(525,28): warning C4244: '=': conversion
from 'uint64_t' to 'Py_ssize_t', possible loss of data
(cherry picked from commit 4ac16dd109)
Co-authored-by: Victor Stinner <vstinner@python.org>
It was too lenient and allowed MARK opcodes with too large value.
(cherry picked from commit 1326d2a808)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (#139234)
Expose the XML Expat 2.7.2 mitigation APIs to disallow use of
disproportional amounts of dynamic memory from within an Expat
parser (see CVE-2025-59375 for instance).
The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:
- `parser.SetAllocTrackerActivationThreshold(threshold)`, and
- `parser.SetAllocTrackerMaximumAmplification(max_factor)`.
(cherry picked from commit f04bea44c3)
(cherry picked from commit 68a1778b77)
* [3.13] gh-140607: Validate returned byte count in RawIOBase.read (GH-140611)
While `RawIOBase.readinto` should return a count of bytes between 0 and
the length of the given buffer, it is not required to. Add validation
inside RawIOBase.read() that the returned byte count is valid.
(cherry picked from commit 0f0a362768)
Co-authored-by: Cody Maloney <cmaloney@users.noreply.github.com>
Co-authored-by: Shamil <ashm.tech@proton.me>
Co-authored-by: Victor Stinner <vstinner@python.org>
* fixup: Use older attribute name
---------
Co-authored-by: Shamil <ashm.tech@proton.me>
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.13] gh-140593: Fix a memory leak in function `my_ElementDeclHandler` of `pyexpat` (GH-140602)
Ensure that the memory allocated for the content model
passed to `my_ElementDeclHandler` is freed in all error
paths.
(cherry picked from commit e34a5e3304)
* [3.13] gh-102431: Clarify constraints on operands of Decimal logical operations (GH-102836)
Sync C/Python implementation of the decimal: logical_ops for contexts.
(cherry picked from commit 6ecf77dbde)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
* [3.13] gh-139748: fix leaks in AC error paths when using unicode FS-based converters (GH-139765)
(cherry picked from commit b04a57deef)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Passing a negative or zero size to `cursor.fetchmany()` made it fetch all rows
instead of none.
While this could be considered a security vulnerability, it was decided to treat
this issue as a regular bug as passing a non-sanitized *size* value in the first
place is not recommended.
(cherry picked from commit bc172ee830)
Within libexpat, a parser created via `XML_ExternalEntityParserCreate`
is relying on its parent parser throughout its entire lifetime.
Prior to this fix, is was possible for the parent parser to be
garbage-collected too early.
(cherry picked from commit 6edb2ddb5f)
On some macOS versions there was an off-by-one error in wcsxfrm() which
caused writing past the end of the array if its size was not calculated
by running wcsxfrm() first.
(cherry picked from commit 5854cf38a2)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Ronald Oussoren <ronaldoussoren@mac.com>
(cherry picked from commit 64c876dd68)
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
The 'row' parameter represents a ROWID. Clarify this in docs and docstrings.
(cherry picked from commit 8eb106240f)
Co-authored-by: chiri <chirizxc@proton.me>
Handle ECANCELED in the same way as EINTR to work around the Posix
violation in the NetBSD's implementation.
(cherry picked from commit 07d0b95b05)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
This allows to support device numbers larger than 2**63-1.
(cherry picked from commit 43013f72f0)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-138659: Typo in the gc module docstring (GH-138660)
docs(gc): fix typo in get_threshold() docstring
Removes a duplicate "the" from the docstring for the `gc.get_threshold()` function.
(cherry picked from commit c006a623e7)
Co-authored-by: Aalaap Dey <65075436+axdeyy@users.noreply.github.com>
fix comment reference from man 7 signal to man 7 signal-safety (GH-138554)
(cherry picked from commit 2f5ace780b)
docs: fix comment reference from man 7 signal to man 7 signal-safety
Co-authored-by: mqudah <mohghq@gmail.com>
[3.14] gh-116946: fully implement GC protocol for `_curses_panel.panel` (GH-138333)
This commit fixes possible reference loops via `panel.set_userptr`
by implementing `tp_clear` and `tp_traverse` for panel objects.
(cherry picked from commit 572df47840)
It should interpret the result of wcsxfrm() as a sequence of abstract
integers, not a sequence of Unicode code points or using other encoding
scheme that does not preserve ordering.
(cherry picked from commit 482fd0c811)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
The csv.register_dialect() docstring no longer imply that it returns a
dialect.
All functions have now signatures.
(cherry picked from commit aa1dbd4dde)
Co-authored-by: maurycy <5383+maurycy@users.noreply.github.com>
* [3.13] gh-87135: Hang non-main threads that attempt to acquire the GIL during finalization (GH-105805)
Instead of surprise crashes and memory corruption, we now hang threads that attempt to re-enter the Python interpreter after Python runtime finalization has started. These are typically daemon threads (our long standing mis-feature) but could also be threads spawned by extension modules that then try to call into Python. This marks the `PyThread_exit_thread` public C API as deprecated as there is no plausible safe way to accomplish that on any supported platform in the face of things like C++ code with finalizers anywhere on a thread's stack. Doing this was the least bad option.
(cherry picked from commit 8cc5aa47ee)
Co-authored-by: Jeremy Maitin-Shepard <jeremy@jeremyms.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
* state "3.13.7 and earlier"
* backport: do not add the deprecated marker
* fix Py_IsFinalizing doc ref
---------
Co-authored-by: Jeremy Maitin-Shepard <jeremy@jeremyms.com>
* Return large limit values as positive integers instead of negative integers
in resource.getrlimit().
* Accept large values and reject negative values (except RLIM_INFINITY)
for limits in resource.setrlimit().
(cherry picked from commit baefaa6cba)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
This commit includes the original commit and the NEWS entry that was added separately.
(cherry picked from commit 3bffada467)
(cherry picked from commit 9eb84d83e0)
