Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2026-06-21 16:45:58 +00:00
Code Issues Projects Releases Packages Wiki Activity
cpython/Modules
History
Shamil bba6c1d9d5
[3.14] gh-142831: Fix use-after-free in json encoder during re-entrant mutation (gh-142851) (#150078) 
gh-142831: Fix use-after-free in json encoder during re-entrant mutation (gh-142851)

User callbacks invoked during JSON encoding (e.g. the `default` callback or
a custom string encoder) can mutate or clear the dict or sequence being
encoded, invalidating borrowed references to items, keys, and values. Hold
strong references unconditionally while iterating.



(cherry picked from commit 235fa7244a)

Co-authored-by: Kumar Aditya <kumaraditya@python.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
2026-05-19 20:31:43 -07:00
..
_ctypes [3.14] gh-149707: Fix compiler warning in _ctypes_test on strchr() (#149791) (#149866) 2026-05-15 11:36:01 +00:00
_decimal [3.14] gh-143331: Schedule to remove format "N" for Decimal (GH-143372) (#143476) 2026-01-06 15:58:29 +02:00
_hacl [3.14] gh-140120: Refresh HACL* to fix an hmac memory leak (GH-140188) (#140192) 2025-10-16 20:53:12 -07:00
_io [3.14] gh-149983: Fix PyErr_NoMemory call without GIL in winconsoleio.c (GH-149984) (GH-150111) 2026-05-19 23:11:43 +02:00
_multiprocessing gh-131525: Cache the result of tuple_hash (#131529) 2025-03-27 09:57:06 -04:00
_sqlite [3.14] gh-146090: fix memory management of internal sqlite3 callback contexts (GH-146569) (#146595) 2026-03-29 15:15:05 +02:00
_sre [3.14] gh-116738: Fix thread-safety issue in re module for free threading (gh-141923) (gh-141990) 2025-11-26 21:08:39 +00:00
_ssl [3.14] gh-134698: Hold a lock when the thread state is detached in ssl (GH-134724) (GH-137107) 2025-10-07 18:49:22 +00:00
_testcapi [3.14] gh-145235: Make dict watcher API thread-safe for free-threaded builds (gh-145233) (#149691) 2026-05-12 13:21:31 -04:00
_testinternalcapi [3.14] gh-144513: Skip critical section locking during stop-the-world (gh-144524) (#145570) 2026-03-06 12:00:17 -05:00
_testlimitedcapi [3.14] gh-132657: add regression test for PySet_Contains with unhashable type (GH-141411) (#141468) 2025-11-12 15:49:09 +00:00
_xxtestfuzz gh-111178: remove redundant casts for functions with correct signatures (#131673) 2025-04-01 17:18:11 +02:00
_zstd [3.14] gh-146578: _zstd: Fix printf format for pledged size errors (GH-146576) (#148855) 2026-04-21 13:31:46 -07:00
cjkcodecs [3.14] gh-101828: Fix jisx0213 codecs removing null characters (gh-139340) (gh-140110) 2025-10-14 14:36:05 +00:00
clinic [3.14] gh-149816: Fix a RC in _random.Random.__init__ method (GH-149824) (#149998) 2026-05-18 16:19:23 +00:00
expat [3.14] gh-149698: Update bundled expat to 2.8.1 (GH-149699) (#149813) 2026-05-14 09:53:10 +01:00
_abc.c gh-111178: fix UBSan failures in Modules/_abc.c (GH-128253) 2025-01-07 12:45:29 +01:00
_asynciomodule.c [3.14] gh-148274: properly handle result from PyObject_VisitManagedDict (GH-148275) (#148295) 2026-04-09 13:49:09 +00:00
_bisectmodule.c gh-126035: add missing whitespace to *Py_EnterRecursiveCall() messages (#126036) 2024-10-27 22:55:48 +01:00
_bz2module.c [3.14] gh-148395: Fix a possible UAF in {LZMA,BZ2,_Zlib}Decompressor (GH-148396) (#148480) 2026-04-13 01:40:54 +00:00
_codecsmodule.c GH-131238: Core header refactor (GH-131250) 2025-03-17 09:19:04 +00:00
_collectionsmodule.c [3.14] gh-145492: Fix defaultdict __repr__ infinite recursion (GH-145659) (GH-145747) 2026-03-12 10:45:31 +01:00
_csv.c [3.14] gh-145105: Fix crash in csv.reader with re-entrant iterator (GH-145106) (#148404) 2026-04-11 22:46:26 +00:00
_curses_panel.c [3.14] gh-116946: fully implement GC protocol for _curses_panel.panel (GH-138333) (#138427) 2025-09-06 21:20:35 +03:00
_cursesmodule.c [3.14] gh-137920: Fix semantically relevant typo in curses.window.attron (#137940) (GH-138506) 2025-10-07 22:21:41 +02:00
_datetimemodule.c [3.14] gh-139774: use relaxed atomics for datetime hashes (GH-139775) (#139780) 2025-10-08 21:09:09 +05:30
_dbmmodule.c [3.14] gh-116738: Add critical section to dbm/gdbm context manager (gh-140391) (gh-140459) 2025-10-22 15:44:09 +00:00
_elementtree.c [3.14] gh-148735: Fix a UAF in Element.findtext() (GH-148738) (#148916) 2026-04-24 21:38:15 +01:00
_functoolsmodule.c [3.14] gh-145446: Add critical section in functools module for PyDict_Next (GH-145487) (GH-145879) 2026-03-13 13:21:04 +01:00
_gdbmmodule.c [3.14] gh-116738: Add critical section to dbm/gdbm context manager (gh-140391) (gh-140459) 2025-10-22 15:44:09 +00:00
_hashopenssl.c [3.14] gh-145301: Fix double-free in hashlib and hmac module initialization (GH-145321) (#145523) 2026-03-05 04:13:02 +00:00
_heapqmodule.c [3.14] Fix comments for heapq.siftup_max (GH-135359) (#136232) 2025-07-03 10:17:10 +00:00
_interpchannelsmodule.c [3.14] gh-149921: Fix reference leaks in _interpchannels and _interpqueues modules (GH-149922) (#149944) 2026-05-17 10:35:27 +00:00
_interpqueuesmodule.c [3.14] gh-149921: Fix reference leaks in _interpchannels and _interpqueues modules (GH-149922) (#149944) 2026-05-17 10:35:27 +00:00
_interpreters_common.h [3.14] gh-132775: Use _PyObject_GetXIData (With Fallback) (gh-134507) 2025-05-22 07:21:05 -06:00
_interpretersmodule.c [3.14] Revert "gh-112068: C API: Add support of nullable arguments in PyArg_Parse (GH-121303)" (GH-136991) (#137006) 2025-07-22 19:16:31 +03:00
_json.c [3.14] gh-142831: Fix use-after-free in json encoder during re-entrant mutation (gh-142851) (#150078) 2026-05-19 20:31:43 -07:00
_localemodule.c [3.14] Fix unlikely potential reference leak in _locale._getdefaultlocale (GH-145250) (GH-145302) 2026-02-27 08:31:11 +00:00
_lsprof.c [3.14] gh-116738: make cProfile module thread-safe (GH-138229) (#138575) 2025-10-07 18:51:22 +00:00
_lzmamodule.c [3.14] gh-148395: Fix a possible UAF in {LZMA,BZ2,_Zlib}Decompressor (GH-148396) (#148480) 2026-04-13 01:40:54 +00:00
_math.h gh-122681: remove m_atan2()/c_atan2() helpers (#122715) 2024-08-17 13:48:16 +05:30
_opcode.c [3.14] gh-135755: Move SPECIAL_ constants to a private header (GH-135922) (GH-135926) 2025-06-25 13:36:46 +02:00
_operator.c gh-131238: Add explicit includes to pycore headers (#131257) 2025-03-17 12:32:43 +01:00
_pickle.c [3.14] gh-146452: Improve locking granularity in pickle's batch_dict_… (#150062) 2026-05-19 05:34:06 -07:00
_posixsubprocess.c [3.14] gh-141659: Fix bad file descriptor error in subprocess on AIX (GH-141660) (GH-141738) 2025-11-19 08:05:01 +00:00
_queuemodule.c [3.14] gh-145376: Fix refleak in queuemodule.c out-of-memory path (GH-145543) (#145622) 2026-03-08 13:32:51 +05:30
_randommodule.c [3.14] gh-149816: Fix a RC in _random.Random.__init__ method (GH-149824) (#149998) 2026-05-18 16:19:23 +00:00
_remote_debugging_module.c [3.14] gh-148178: Validate remote debug offset tables on load (GH-148187) (#148577) 2026-05-04 22:43:43 +01:00
_scproxy.c gh-116322: Add Py_mod_gil module slot (#116882) 2024-05-03 11:30:55 -04:00
_ssl.c [3.14] gh-149816: Fix SNI callback callable race (GH-150018) (GH-150100) 2026-05-20 00:05:42 +02:00
_ssl.h
_ssl_data_35.h [3.14] gh-149254: Update CI to use latest OpenSSL versions (GH-149333) 2026-05-03 21:11:42 +00:00
_ssl_data_111.h gh-131423: Update OpenSSL data to 3.4.1 on Linux (#131618) 2025-04-25 10:26:58 +02:00
_ssl_data_300.h gh-127330: Update for OpenSSL 3.4 & document+improve the update process (GH-127331) 2024-11-28 13:29:27 +01:00
_ssl_data_340.h gh-131423: Update OpenSSL data to 3.4.1 on Linux (#131618) 2025-04-25 10:26:58 +02:00
_stat.c [3.14] gh-108765: fix comment about macro definitions in _stat.c post GH-108854 (GH-136027) (#136043) 2025-06-27 15:40:34 +00:00
_statisticsmodule.c gh-116322: Add Py_mod_gil module slot (#116882) 2024-05-03 11:30:55 -04:00
_struct.c [3.14] gh-148529: Minor improvements of the struct module documentation (GH-148565) (GH-149063) 2026-04-27 23:07:00 +03:00
_suggestions.c gh-131936: Strengthen check in _suggestions._generate_suggestions (#131945) 2025-03-31 19:30:29 +02:00
_sysconfig.c gh-127405: Add ABIFLAGS to sysconfig variables on Windows (GH-131799) 2025-04-11 16:19:03 +01:00
_testbuffer.c gh-111178: fix UBSan failures for Modules/_testbuffer.c (#131612) 2025-03-24 10:46:25 +01:00
_testcapi_feature_macros.inc gh-91325: Skip Stable ABI checks with Py_TRACE_REFS special build (GH-92046) 2024-01-29 16:45:31 +01:00
_testcapimodule.c [3.14] gh-148274: properly handle result from PyObject_VisitManagedDict (GH-148275) (#148295) 2026-04-09 13:49:09 +00:00
_testclinic.c [3.14] gh-144545: Improve handling of default values in Argument Clinic (GH-146016) (GH-146052) 2026-03-17 10:55:15 +00:00
_testclinic_limited.c gh-116322: Rename PyModule_ExperimentalSetGIL to PyUnstable_Module_SetGIL (GH-118645) 2024-05-06 18:59:36 +02:00
_testimportmultiple.c gh-116322: Add Py_mod_gil module slot (#116882) 2024-05-03 11:30:55 -04:00
_testinternalcapi.c [3.14] GH-148726: Add heap_size to _gc_runtime_state (#149025) 2026-04-29 13:04:11 +03:00
_testlimitedcapi.c gh-111495: Add PyFile tests (#129449) 2025-01-30 18:05:32 +01:00
_testmultiphase.c gh-111178: fix UBSan failures for Modules/_testmultiphase.c (#131615) 2025-03-24 10:59:30 +01:00
_testsinglephase.c [3.14] gh-144601: Avoid sharing exception objects raised in a PyInit function across multiple interpreters (GH-144602) (GH-144633) 2026-02-16 10:37:46 -05:00
_threadmodule.c [3.14] gh-143191: Use _PyOS_MIN_STACK_SIZE in _thread.stack_size() (GH-143601) (#143611) 2026-01-09 15:34:39 +00:00
_tkinter.c [3.14] gh-143310: fix crash in Tcl object conversion with concurrent mutations (GH-143321) (#143343) 2026-01-02 10:17:13 +00:00
_tracemalloc.c gh-128679: Redesign tracemalloc locking (#128888) 2025-01-15 20:22:44 +00:00
_typesmodule.c GH-118761: Expose more core interpreter types in `_types` (#132103) 2025-04-05 18:11:07 +00:00
_typingmodule.c gh-105499: Merge typing.Union and types.UnionType (#105511) 2025-03-04 11:44:19 -08:00
_uuidmodule.c [3.14] gh-132710: only use stable _uuid.generate_time_safe() to deduce MAC address (GH-132901) (#134697) 2025-05-26 10:45:36 +00:00
_weakref.c gh-120974: Make _asyncio._leave_task atomic in the free-threaded build (#122139) 2024-07-23 17:06:03 +00:00
_winapi.c GH-131296: Fix incompatible pointer type warning in _winapi.c (GH-131600) 2025-03-31 17:33:55 +01:00
_zoneinfo.c [3.14] gh-145883: Fix two heap-buffer-overflows in _zoneinfo (GH-145885) (#148087) 2026-04-04 17:13:13 +01:00
addrinfo.h gh-114917: add support for AI_NUMERICSERV in getaddrinfo emulation (#114918) 2025-03-18 11:26:51 +01:00
arraymodule.c [3.14] gh-148484: Fix memory leak of iterator in array.array constructor (GH-148523) (GH-148678) 2026-04-23 16:00:37 +02:00
atexitmodule.c [3.14] gh-144986: Fix memory leak in atexit.register() (GH-144987) (#145020) 2026-03-16 13:56:05 +05:30
binascii.c [3.14] gh-148093: Raise binascii.Error from binascii.a2b_uu() on empty input (GH-149077) (GH-149350) 2026-05-04 10:10:47 +00:00
blake2module.c [3.14] gh-144545: Improve handling of default values in Argument Clinic (GH-146016) (GH-146052) 2026-03-17 10:55:15 +00:00
cmathmodule.c [3.14] gh-116738: Statically initialize special constants in cmath module (gh-142161) (gh-142261) 2025-12-04 14:51:55 +00:00
config.c.in gh-128384: Use a context variable for warnings.catch_warnings (gh-130010) 2025-04-09 16:18:54 -07:00
errnomodule.c gh-126585: Add EHWPOISON error code (#126586) 2024-12-03 12:45:50 +00:00
faulthandler.c [3.14] gh-149590: Remove faulthandler_traverse (GH-150023) (#150088) 2026-05-19 15:08:58 +00:00
fcntlmodule.c [3.14] gh-140615: Update docstrings in the fcntl module (GH-140619) (GH-141231) 2025-11-08 11:16:45 +00:00
gc_weakref.txt
gcmodule.c [3.14] GH-148726: Forward-port generational GC (#148720) 2026-04-26 21:12:52 +03:00
getaddrinfo.c gh-114917: Fix typo in getaddrinfo emulation (#131413) 2025-03-18 14:31:13 +01:00
getbuildinfo.c gh-100388: Change undefined __DATE__ to the Unix epoch (#100389) 2025-03-03 14:59:46 +01:00
getnameinfo.c Replace K&R function declarations with ANSI declarations (#114818) 2025-03-11 13:06:36 +01:00
getpath.c GH-131296: Avoid invalid signed char comparison in getpath.c assertion (GH-131594) 2025-04-22 14:06:30 +01:00
getpath.py [3.14] gh-135773: have pyvenv.cfg without home key anchor a venv and deduce home (GH-135831) (#136287) 2025-07-05 00:36:12 +10:00
getpath_noop.c
grpmodule.c [3.14] gh-116738: Make grp module thread-safe (GH-135434) (#136658) 2025-07-15 11:03:33 +05:30
hashlib.h [3.14] gh-134696: align OpenSSL and HACL*-based hash functions constructors AC signatures (GH-134713) (#134961) 2025-06-01 10:26:56 +02:00
hmacmodule.c [3.14] gh-145376: Fix crashes in md5module.c and hmacmodule.c (GH-145422) (#145610) 2026-03-06 21:06:32 +00:00
itertoolsmodule.c [3.14] gh-146613: Fix re-entrant use-after-free in itertools._grouper (GH-147962) (#148010) 2026-04-06 18:23:08 +03:00
ld_so_aix.in
main.c [3.14] gh-145376: Fix various reference leaks (GH-145377) (GH-145712) 2026-03-10 16:31:02 +01:00
makesetup gh-131298: eliminate HACL* static libraries for cryptographic modules (GH-132438) 2025-04-20 17:40:17 +00:00
makexp_aix
mathmodule.c [3.14] gh-132876: workaround broken ldexp() on Windows 10 (GH-133135) (#134684) 2025-05-25 22:23:45 -05:00
md5module.c [3.14] gh-145376: Fix crashes in md5module.c and hmacmodule.c (GH-145422) (#145610) 2026-03-06 21:06:32 +00:00
mmapmodule.c [3.14] gh-116738: make mmap module thread-safe (GH-139237) (#139825) 2025-10-09 20:19:03 +05:30
overlapped.c [3.14] gh-148808: Add boundary check to asyncio.AbstractEventLoop.sock_recvf… (GH-148809) (#148837) 2026-04-21 21:56:19 +05:30
posixmodule.c [3.14] gh-144545: Improve handling of default values in Argument Clinic (GH-146016) (GH-146052) 2026-03-17 10:55:15 +00:00
posixmodule.h gh-85283: Convert grp extension to the limited C API (#116611) 2024-03-12 00:46:53 +00:00
pwdmodule.c gh-116322: Add Py_mod_gil module slot (#116882) 2024-05-03 11:30:55 -04:00
pyexpat.c [3.14] gh-148441: Avoid integer overflow in Expat's CharacterDataHandler (GH-148904) (#149638) 2026-05-10 14:08:59 +00:00
readline.c [3.14] gh-122431: Correct the non-negative error message in readline.append_history_file (GH-143075) (GH-143090) 2025-12-23 05:01:41 +00:00
README
resource.c [3.14] gh-137044: Support large limit values in getrlimit() and setrlimit() (GH-137338) (#137506) 2025-10-07 20:43:12 +02:00
rotatingtree.c gh-116181: Remove Py_BUILD_CORE_BUILTIN and Py_BUILD_CORE_MODULE in rotatingtree.c (#121260) 2024-07-03 13:05:05 +05:30
rotatingtree.h
selectmodule.c gh-132987: Support __index__() in the select.kqueue_event constructor (GH-133094) 2025-04-29 13:55:14 +00:00
Setup GH-132983: Build `_zstd` on Windows (#133366) 2025-05-06 00:58:47 +01:00
Setup.bootstrap.in [3.14] gh-136421: Load _datetime static types during interpreter initialization (GH-136583) (GH-136943) 2025-07-21 19:23:05 -04:00
Setup.stdlib.in [3.14] gh-136421: Load _datetime static types during interpreter initialization (GH-136583) (GH-136943) 2025-07-21 19:23:05 -04:00
sha1module.c [3.14] gh-134696: align OpenSSL and HACL*-based hash functions constructors AC signatures (GH-134713) (#134961) 2025-06-01 10:26:56 +02:00
sha2module.c [3.14] gh-134696: align OpenSSL and HACL*-based hash functions constructors AC signatures (GH-134713) (#134961) 2025-06-01 10:26:56 +02:00
sha3module.c [3.14] gh-134696: align OpenSSL and HACL*-based hash functions constructors AC signatures (GH-134713) (#134961) 2025-06-01 10:26:56 +02:00
signalmodule.c [3.14] gh-137490: Fix signal.sigwaitinfo() on NetBSD (GH-137523) (GH-138935) 2025-10-08 14:33:30 +02:00
socketmodule.c [3.14] gh-144837: Improve documentation for more collection methods (GH-144841) (GH-146483) 2026-03-26 19:55:25 +00:00
socketmodule.h [3.14] GH-131296: Fix clang-cl warning on Windows in socketmodule.h (GH-131832) (GH-146340) 2026-03-24 00:27:01 +01:00
symtablemodule.c [3.14] gh-139748: fix leaks in AC error paths when using unicode FS-b… (#139789) 2025-10-08 22:16:21 +05:30
syslogmodule.c gh-130163: Fix crashes related to PySys_GetObject() (GH-130503) 2025-02-25 23:04:27 +02:00
termios.c gh-119770: Make termios ioctl() constants positive (#119840) 2024-05-31 17:18:40 +02:00
timemodule.c gh-130617 : fix time_clockid_converter on DragonFlyBSD (#130634) 2025-02-28 08:56:00 +01:00
tkappinit.c
tkinter.h
unicodedata.c [3.14] gh-88091: Fix unicodedata.decomposition() for Hangul Syllables (GH-144993) (GH-145189) 2026-02-25 00:27:09 +02:00
unicodedata_db.h closes gh-124016: update Unicode to 16.0.0 (#124017) 2024-09-13 07:47:04 -07:00
unicodename_db.h [3.14] gh-80667: Fix lookup for Tangut ideographs in unicodedata (GH-144789) (GH-144871) 2026-02-16 14:25:43 +02:00
winreparse.h
xxlimited.c [3.14] gh-134160: Add more comments for the xxlimited module (GH-140214) (GH-140664) 2025-10-28 10:24:11 +01:00
xxlimited_35.c gh-111178: Fix function signatures for multiple tests (#131496) 2025-03-20 12:27:03 +01:00
xxmodule.c gh-122040: reword Modules/xxmodule.c module-level comment (#132201) 2025-04-07 08:03:03 +00:00
xxsubtype.c gh-111178: fix UBSan failures in Modules/xx*.c (GH-129797) 2025-02-25 13:02:32 +01:00
zlibmodule.c [3.14] gh-148395: Fix a possible UAF in {LZMA,BZ2,_Zlib}Decompressor (GH-148396) (#148480) 2026-04-13 01:40:54 +00:00

README 

Source files for standard library extension modules,
and former extension modules that are now builtin modules.