mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-04 17:08:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
cpython/Modules/clinic
History
Exact
Sebastian Pipping fc9da96274
[3.11] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115623) (#116268) 
Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods:

- `xml.etree.ElementTree.XMLParser.flush`
- `xml.etree.ElementTree.XMLPullParser.flush`
- `xml.parsers.expat.xmlparser.GetReparseDeferralEnabled`
- `xml.parsers.expat.xmlparser.SetReparseDeferralEnabled`
- `xml.sax.expatreader.ExpatParser.flush`

Based on the "flush" idea from #115138 (comment) .

- Please treat as a security fix related to CVE-2023-52425.

(cherry picked from commit 6a95676)
(cherry picked from commit 73807eb)
(cherry picked from commit eda2963)

---------

Includes code suggested-by: Snild Dolkow <snild@sony.com>
and by core dev Serhiy Storchaka.
Co-authored-by: Gregory P. Smith <greg@krypto.org>
2024-03-06 14:17:02 -08:00
..
_abc.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_asynciomodule.c.h gh-91323: Revert "Allow overriding a future compliance check in asyncio.Task (GH-32197)" (GH-95442) (GH-95652) 2022-08-04 18:07:39 +02:00
_bisectmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_bz2module.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_codecsmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_collectionsmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_contextvarsmodule.c.h bpo-32436: Implement PEP 567 (#5027) 2018-01-22 19:11:18 -05:00
_cryptmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_csv.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_curses_panel.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
_cursesmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_datetimemodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_dbmmodule.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
_elementtree.c.h [3.11] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115623) (#116268) 2024-03-06 14:17:02 -08:00
_gdbmmodule.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
_hashopenssl.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_heapqmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_localemodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_lsprof.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
_lzmamodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_opcode.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_operator.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_pickle.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_queuemodule.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
_randommodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_ssl.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_statisticsmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_struct.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_testclinic.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
_testmultiphase.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
_tkinter.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_tracemalloc.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_typingmodule.c.h bpo-44353: Implement typing.NewType __call__ method in C (#27262) 2021-07-22 23:06:54 +02:00
_weakref.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
_winapi.c.h Use Unicode unconditionally for _winapi.CreateFile (GH-114611) 2024-01-26 17:48:36 +00:00
arraymodule.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
audioop.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
binascii.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
cmathmodule.c.h [3.11] Add missing 'is' to cmath.log() docstring (GH-102049) (#102279) 2023-02-26 14:55:44 +00:00
fcntlmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
gcmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
grpmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
itertoolsmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
mathmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
md5module.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
overlapped.c.h [3.11] gh-98793: Fix typecheck in overlapped.c (GH-98835) (#98889) 2022-10-31 11:21:01 -07:00
posixmodule.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
pwdmodule.c.h bpo-37034: Display argument name on errors with keyword arguments with Argument Clinic. (GH-13593) 2019-08-29 17:49:08 +03:00
pyexpat.c.h [3.11] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115623) (#116268) 2024-03-06 14:17:02 -08:00
readline.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
resource.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
selectmodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
sha1module.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
sha256module.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
sha512module.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00
signalmodule.c.h [3.11] gh-98930: improve the docstring of signal.strsignal (GH-99290) (#99449) 2022-11-13 12:21:19 -08:00
socketmodule.c.h gh-92210: Move socket.__init__ to argument clinic (#92237) 2022-05-04 07:38:01 -06:00
spwdmodule.c.h bpo-37034: Display argument name on errors with keyword arguments with Argument Clinic. (GH-13593) 2019-08-29 17:49:08 +03:00
symtablemodule.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
termios.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
unicodedata.c.h gh-91320: Argument Clinic uses _PyCFunction_CAST() (#32210) 2022-05-03 20:25:41 +02:00
zlibmodule.c.h [3.11] gh-115015: Argument Clinic: fix generated code for METH_METHOD methods without params (#115016) (#115069) 2024-02-06 11:21:00 +01:00