mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-12-14 05:11:36 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10
cpython/Python
History
Alexey Izbyshev 1c8b3b5d66
bpo-47260: Fix os.closerange() potentially being a no-op in a seccomp sandbox (GH-32418) 
_Py_closerange() currently assumes that close_range() closes
all file descriptors even if it returns an error (other than ENOSYS).
This assumption can be wrong on Linux if a seccomp sandbox denies
the underlying syscall, pretending that it returns EPERM or EACCES.
In this case _Py_closerange() won't close any descriptors at all,
which in the worst case can be a security issue.

Fix this by falling back to other methods in case of any close_range()
error. Note that fallbacks will not be triggered on any problems with
closing individual file descriptors because close_range() is documented
to ignore such errors on both Linux[1] and FreeBSD[2].

[1] https://man7.org/linux/man-pages/man2/close_range.2.html
[2] https://www.freebsd.org/cgi/man.cgi?query=close_range&sektion=2
2022-04-08 10:40:39 -07:00
..
clinic Use FASTCALL for __import__ (GH-31752) 2022-03-11 18:46:55 +02:00
deepfreeze
frozen_modules
_warnings.c bpo-47164: Add _PyCFunction_CAST() macro (GH-32192) 2022-03-31 10:02:34 +02:00
adaptive.md Update adaptive.md for inline caching (GH-31817) 2022-03-11 14:29:10 +00:00
asdl.c
ast.c bpo-45292: [PEP-654] add except* (GH-29581) 2021-12-14 16:48:15 +00:00
ast_opt.c bpo-46541: Discover the global strings. (gh-31346) 2022-02-14 17:36:51 -07:00
ast_unparse.c bpo-43224: Implement PEP 646 grammar changes (GH-31018) 2022-03-26 09:55:35 -07:00
bltinmodule.c bpo-47164: Add _PyCFunction_CAST() macro (GH-32192) 2022-03-31 10:02:34 +02:00
bootstrap_hash.c bpo-46303: Move fileutils.h private functions to internal C API (GH-30484) 2022-01-11 11:56:16 +01:00
ceval.c bpo-47177: Replace f_lasti with prev_instr (GH-32208) 2022-04-07 12:31:01 -07:00
ceval_gil.h
codecs.c bpo-46541: Replace core use of _Py_IDENTIFIER() with statically initialized global objects. (gh-30928) 2022-02-08 13:39:07 -07:00
compile.c bpo-47120: make JUMP_NO_INTERRUPT relative (GH-32221) 2022-04-05 12:49:08 +01:00
condvar.h
context.c bpo-47164: Add _PyCFunction_CAST() macro (GH-32192) 2022-03-31 10:02:34 +02:00
dtoa.c bpo-45412: Add _PY_SHORT_FLOAT_REPR macro (GH-31171) 2022-02-23 18:16:23 +01:00
dup2.c
dynamic_annotations.c
dynload_hpux.c
dynload_shlib.c
dynload_stub.c
dynload_win.c
emscripten_signal.c bpo-47176: Interrupt handling for wasm32-emscripten builds without pthreads (GH-32209) 2022-04-03 22:58:52 +02:00
errors.c bpo-46816: Remove declarations for non-__STDC__ compilers (GH-31466) 2022-02-26 00:16:59 +01:00
fileutils.c bpo-47260: Fix os.closerange() potentially being a no-op in a seccomp sandbox (GH-32418) 2022-04-08 10:40:39 -07:00
formatter_unicode.c bpo-46920: Remove disabled debug code added decades ago and likely unnecessary (GH-31812) 2022-03-14 17:03:21 +01:00
frame.c bpo-47177: Replace f_lasti with prev_instr (GH-32208) 2022-04-07 12:31:01 -07:00
frozen.c bpo-46748: Don't import <stdbool.h> in public headers (GH-31553) 2022-02-25 09:25:54 +01:00
frozenmain.c
future.c
getargs.c bpo-45316: Move _PyArg_Fini() to internal C API (GH-31580) 2022-02-25 16:19:30 +01:00
getcompiler.c
getcopyright.c Update copyright year to 2022. (GH-30335) 2022-01-02 12:08:48 -08:00
getopt.c
getplatform.c
getversion.c bpo-43931: Export Python version as API data (GH-25577) 2021-12-09 17:52:05 -08:00
hamt.c bpo-47164: Add _PyCFunction_CAST() macro (GH-32192) 2022-03-31 10:02:34 +02:00
hashtable.c
import.c bpo-47162: Add call trampoline to mitigate bad fpcasts on Emscripten (GH-32189) 2022-03-30 12:28:33 -07:00
importdl.c bpo-47162: Add call trampoline to mitigate bad fpcasts on Emscripten (GH-32189) 2022-03-30 12:28:33 -07:00
importdl.h bpo-47162: Add call trampoline to mitigate bad fpcasts on Emscripten (GH-32189) 2022-03-30 12:28:33 -07:00
initconfig.c
makeopcodetargets.py
marshal.c bpo-35134: Remove the Include/code.h header file (GH-32385) 2022-04-07 02:29:52 +02:00
modsupport.c
mysnprintf.c
mystrtoul.c
opcode_targets.h bpo-47120: make JUMP_NO_INTERRUPT relative (GH-32221) 2022-04-05 12:49:08 +01:00
pathconfig.c
preconfig.c
pyarena.c
pyctype.c
pyfpe.c bpo-46315: Add ifdef HAVE_ feature checks for WASI compatibility (GH-30507) 2022-01-13 09:46:04 +01:00
pyhash.c
pylifecycle.c bpo-46864: Suppress even more ob_shash deprecation warnings (GH-32176) 2022-03-30 08:35:15 +02:00
pymath.c
pystate.c bpo-46864: Suppress deprecation warnings for ob_shash. (GH-32042) 2022-03-23 17:11:22 +09:00
pystrcmp.c
pystrhex.c
pystrtod.c bpo-46656: Remove Py_NO_NAN macro (GH-31160) 2022-02-25 01:32:57 +01:00
Python-ast.c bpo-46289: Make conversion of FormattedValue not optional on ASDL (GH-30467) 2022-01-07 13:05:28 -08:00
Python-tokenize.c bpo-46613: Add PyType_GetModuleByDef to the public API (GH-31081) 2022-02-11 17:22:11 +01:00
pythonrun.c bpo-35134: Remove the Include/code.h header file (GH-32385) 2022-04-07 02:29:52 +02:00
pytime.c bpo-46670: Test if a macro is defined, not its value (GH-31178) 2022-02-07 01:46:51 +01:00
README
specialize.c bpo-47009: Let PRECALL_NO_KW_LIST_APPEND do its own POP_TOP (GH-32239) 2022-04-05 11:18:30 +01:00
stdlib_module_names.h bpo-40059: Add tomllib (PEP-680) (GH-31498) 2022-03-08 09:26:13 +01:00
structmember.c
suggestions.c
symtable.c bpo-46765: Replace Locally Cached Strings with Statically Initialized Objects (gh-31366) 2022-02-22 17:23:51 -07:00
sysmodule.c bpo-35134: Remove the Include/code.h header file (GH-32385) 2022-04-07 02:29:52 +02:00
thread.c bpo-46670: Remove unused macros in the Python directory (GH-31192) 2022-02-07 16:21:52 +01:00
thread_nt.h bpo-46008: Move thread-related interpreter state into a sub-struct. (gh-29971) 2021-12-07 14:03:47 -07:00
thread_pthread.h bpo-46008: Move thread-related interpreter state into a sub-struct. (gh-29971) 2021-12-07 14:03:47 -07:00
traceback.c bpo-47177: Replace f_lasti with prev_instr (GH-32208) 2022-04-07 12:31:01 -07:00

README 

Miscellaneous source files for the main Python shared library