* Fix a crash when pass UINT_MAX.
* Fix an integer overflow on 64-bit non-Windows platforms.
(cherry picked from commit 0daf555c6f)
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
First fix resolve situation when pyexpat module (which contains expat_CAPI
capsule) deallocates before _elementtree, so we need to hold a strong
reference to pyexpat module to.
Second fix resolve situation when module state is deallocated before
deallocation of XMLParser instances, which uses module state to clear
some stuff.
(cherry picked from commit 894f0e573d)
Co-authored-by: Kirill Podoprigora <kirill.bast9@mail.ru>
Set MAX_STRUCT_SIZE to 32 in stgdict.c when on Arm platforms.
This because on Arm platforms structs with at most 4 elements of any
floating point type values can be passed through registers. If the type
is double the maximum size of the struct is 32 bytes.
On x86-64 Linux, it's maximum 16 bytes hence we need to differentiate.
(cherry picked from commit bc68f4a4ab)
Restore `subprocess`'s intended use of `vfork()` by default for performance on Linux;
also fixes the behavior of `extra_groups=[]` which was unintentionally broken in 3.12.0:
Fixed a performance regression in 3.12's :mod:`subprocess` on Linux where it
would no longer use the fast-path ``vfork()`` system call when it could have
due to a logic bug, instead falling back to the safe but slower ``fork()``.
Also fixed a security bug introduced in 3.12.0. If a value of ``extra_groups=[]``
was passed to :mod:`subprocess.Popen` or related APIs, the underlying
``setgroups(0, NULL)`` system call to clear the groups list would not be made
in the child process prior to ``exec()``.
The security issue was identified via code inspection in the process of
fixing the first bug. Thanks to @vain for the detailed report and
analysis in the initial bug on Github.
(cherry picked from commit 9fe7655c6c)
+ Reword NEWS for the bugfix/security release. (mentions the assigned CVE number)
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-105967: Work around a macOS bug, limit zlib C library crc32 API calls to 1gig (GH-112615)
Work around a macOS bug, limit zlib crc32 calls to 1GiB.
Without this, `zlib.crc32` and `binascii.crc32` could produce incorrect
results on multi-gigabyte inputs depending on the macOS version's Apple
supplied zlib implementation.
(cherry picked from commit 4eddb4c9d9)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
gh-112105: Make completer delims work on libedit (gh-112106)
(cherry picked from commit 2df26d8348)
Co-authored-by: Tian Gao <gaogaotiantian@hotmail.com>
The existence of background threads running on a subinterpreter was preventing interpreters from getting properly destroyed, as well as impacting the ability to run the interpreter again. It also affected how we wait for non-daemon threads to finish.
We add PyInterpreterState.threads.main, with some internal C-API functions.
(cherry-picked from commit 1dd9dee45d)
This change makes sure sys.path[0] is set properly for subinterpreters. Before, it wasn't getting set at all.
This change does not address the broader concerns from gh-109853.
(cherry-picked from commit a040a32ea2)
* [3.12] gh-112358: Fix Python 3.12 regression with subclassing struct.Struct. (GH-112424)
Revert commit c8c0afc713 (PR GH-94532),
which moved `struct.Struct` initialisation from `Struct.__init__` to `Struct.__new__`.
This caused issues with code in the wild that subclasses `struct.Struct`..
(cherry picked from commit 9fe60340d7)
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
* Remove unrelated test
In non-debug more the check for the "errors" argument is skipped,
and then PyUnicode_AsUTF8() can fail, but its result was not checked.
Co-authored-by: Victor Stinner <vstinner@python.org>
(cherry picked from commit 9302f05f9a)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* Fix crash when encoding is not string or None.
* Fix crash when both line_buffering and write_through raise exception
when converted ti int.
* Add a number of tests for constructor and reconfigure() method
with invalid arguments.
(cherry picked from commit ee06fffd38)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-111777: Fix assertion errors on incorrectly still-tracked GC object destruction (GH-111778)
In PyObject_GC_Del, in Py_DEBUG mode, when warning about GC objects that
were not properly untracked before starting destruction, take care to
untrack the object _before_ warning, to avoid triggering a GC run and
causing the problem the code tries to warn about. Also make sure to save and
restore any pending exceptions, which the warning would otherwise clobber or
trigger an assertion error on.
(cherry picked from commit ce6a533c4b)
Co-authored-by: T. Wouters <thomas@python.org>
Fix undefined behaviour in datetime.time.fromisoformat() (GH-111982)
Fix undefined behaviour in datetime.time.fromisoformat() when parsing a string without a timezone. 'tzoffset' is not assigned to by parse_isoformat_time if it returns 0, but time_fromisoformat then passes tzoffset to another function, which is undefined behaviour (even if the function in question does not use the value).
(cherry picked from commit 21615f77b5)
Co-authored-by: T. Wouters <thomas@python.org>
* [3.12] gh-110395: invalidate open kqueues after fork (GH-110517)
Invalidate open select.kqueue instances after fork as the fd will be invalid in the child.
(cherry picked from commit a6c1c04d4d)
Co-authored-by: Davide Rizzo <sorcio@gmail.com>
* move assert to after the child dying
this is in `main` via https://github.com/python/cpython/pull/111816/files
GH-111804: Drop posix.fallocate() under WASI (GH-111869)
Drop posix.fallocate() under WASI.
The underlying POSIX function, posix_fallocate(), was found to vary too
much between implementations to remain in WASI. As such, while it was
available in WASI preview1, it's been dropped in preview2.
gh-101180: Fix a bug where iso2022_jp_3 and iso2022_jp_2004 codecs read out of bounds (gh-111695)
(cherry picked from commit c8faa3568a)
Co-authored-by: Masayuki Moriyama <masayuki.moriyama@miraclelinux.com>
* Move existing tests for PySys_GetObject() and PySys_SetObject() into
specialized files.
* Add test for PySys_GetXOptions() using _testcapi.
* Add tests for PySys_FormatStdout(), PySys_FormatStderr(),
PySys_WriteStdout() and PySys_WriteStderr() using ctypes.
(cherry picked from commit b2ba298527)
zipinfo now supports the full range of values in the TZ string
determined by RFC 8536 and detects all invalid formats.
Both Python and C implementations now raise exceptions of the same
type on invalid data.
(cherry picked from commit ab08ff7882)
Now re.error is raised instead of OverflowError or RuntimeError for
too large width of look-behind pattern.
The limit is increased to 2**32-1 (was 2**31-1).
(cherry picked from commit e2b3d831fd)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
TypeError would be overwritten by OverflowError
if 'code' param contained non-ints.
(cherry picked from commit 344d3a222a)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
