gh-146139: Disable `socketpair` authentication on WASI (GH-146140)
Calling `connect(2)` on a non-blocking socket on WASI may leave the socket in a
"connecting" but not yet "connected" state. In the former case, calling
`getpeername(2)` on it will fail, leading to an unhandled exception in Python.
(cherry picked from commit a5b76d53bb)
Co-authored-by: Joel Dice <joel.dice@akamai.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Brett Cannon <brett@python.org>
gh-148395: Fix a possible UAF in `{LZMA,BZ2,_Zlib}Decompressor` (GH-148396)
Fix dangling input pointer after `MemoryError` in _lzma/_bz2/_ZlibDecompressor.decompress
(cherry picked from commit 8fc66aef6d)
Co-authored-by: Stan Ulbrych <stan@python.org>
tests: use errno.EBADF instead of hardcoded number in _close_file() (GH-148345)
test_interpreters: use errno.EBADF instead of hardcoded number in _close_file()
Replace the hardcoded `9` check in `Lib/test/test_interpreters/utils.py` with `errno.EBADF`.
Using `errno.EBADF` makes the helper portable across platforms with different errno numbering while preserving the intended behavior.
(cherry picked from commit cef334fd4c)
Co-authored-by: Artem Yarulin <artem.yarulin@kapteko.com>
Ensures that the testbed's Gradle configuration uses the cross-build environment
variable, and that variable is passed to Gradle by the cross-build script.
(cherry picked from commit b29afe62f7)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Co-authored-by: Malcolm Smith <smith@chaquo.com>
gh-146313: Fix multiprocessing ResourceTracker deadlock after os.fork() (GH-146316)
`ResourceTracker.__del__` (added in gh-88887 circa Python 3.12) calls
os.waitpid(pid, 0) which blocks indefinitely if a process created via os.fork()
still holds the tracker pipe's write end. The tracker never sees EOF, never
exits, and the parent hangs at interpreter shutdown.
Fix with two layers:
- **At-fork handler.** An os.register_at_fork(after_in_child=...)
handler closes the inherited pipe fd in the child unless a preserve
flag is set. popen_fork.Popen._launch() sets the flag before its
fork so mp.Process(fork) children keep the fd and reuse the parent's
tracker (preserving gh-80849). Raw os.fork() children close the fd,
letting the parent reap promptly.
- **Timeout safety-net.** _stop_locked() gains a wait_timeout
parameter. When called from `__del__`, it polls with WNOHANG using
exponential backoff for up to 1 second instead of blocking
indefinitely. The at-fork handler makes this unreachable in
well-behaved paths; it remains for abnormal shutdowns.
(cherry picked from commit 3a7df632c9)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Co-authored-by: Itamar Oren <itamarost@gmail.com>
gh-147965: Add shutdown() to multiprocessing.Queue excluded methods (GH-147970)
The multiprocessing.Queue documentation states it implements all
methods of queue.Queue except task_done() and join(). Since
queue.Queue.shutdown() was added in Python 3.13,
multiprocessing.Queue also does not implement it. Update the docs
to include shutdown() in the list of excluded methods.
(cherry picked from commit 22290ed011)
Co-authored-by: WYSIATI <chester.lee.cold@gmail.com>
gh-148337: Document `importlib.resources` security model (GH-148340)
(cherry picked from commit 70b86e7829)
Co-authored-by: Stan Ulbrych <stan@python.org>
gh-145105: Fix crash in csv.reader with re-entrant iterator (GH-145106)
When a custom iterator calls next() on the same csv.reader from
within __next__, the inner iteration sets self->fields to NULL.
The outer iteration then crashes in parse_save_field() by passing
NULL to PyList_Append.
Add a guard after PyIter_Next() to detect that fields was set to
NULL by a re-entrant call, and raise csv.Error instead of crashing.
(cherry picked from commit 20994b1809)
Co-authored-by: Ramin Farajpour Cami <ramin.blackhat@gmail.com>
Original patch by gigaplastik, extended with a few more tests.
Addresses gh-70039 and bpo-25852: failure of starttls if connect is called explicitly.
(cherry picked from commit 442f83a5ea)
Co-authored-by: nmartensen <nis.martensen@web.de>
gh-124613: Deactivate perf support in tests if the jit is set (GH-124794)
gh-124613: Deactivate the JIT during perf tests
(cherry picked from commit 5e9e50612e)
Signed-off-by: Pablo Galindo <pablogsal@gmail.com>
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
gh-146121: Clarify security model of pkgutil.getdata; revert checks (GH-148197)
This reverts commit bcdf231946,
and clarifies get_data's security model.
(cherry picked from commit cf59bf7647)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Stan Ulbrych <stan@python.org>
Avoid embedding the parent's sys.argv into the forkserver -c command
string via repr(). When sys.argv is large (e.g. thousands of file
paths from a pre-commit hook), the resulting single argument could
exceed the OS per-argument length limit (MAX_ARG_STRLEN on Linux,
typically 128 KiB), causing posix_spawn to fail and the parent to
observe a BrokenPipeError.
Instead, append the argv entries as separate command-line arguments
after -c; the forkserver child reads them back as sys.argv[1:]. This
cannot exceed any limit the parent itself did not already satisfy.
Regression introduced by gh-143706 / 298d5440eb.
(cherry picked from commit 5e9d90b615)
Pre-create the Android emulator image so that the the configuration can be
modified to use 4GB of RAM.
(cherry picked from commit a95ee3a21d)
Co-authored-by: Malcolm Smith <smith@chaquo.com>
Allows building the Android testbed for 32-bit targets, adding the target triplets
`arm-linux-androideabi` and `i686-linux-android`.
(cherry picked from commit 848bbe9ff2)
Co-authored-by: Robert Kirkman <31490854+robertkirkman@users.noreply.github.com>
gh-94632: document the subprocess need for extra_groups=() with user= (GH-148129)
(cherry picked from commit a1cf4430ed)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Allows for cleaning a subset of targets, customization of the download cache and
cross-build directories, and modifies the build command to allow 'all', 'build'
and 'hosts' targets.
(cherry picked from commit b8470deb5d)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
gh-143394: Skip pyrepl test_no_newline() basic REPL if readline is missing (GH-147973)
(cherry picked from commit 97babb8ef7)
Co-authored-by: Victor Stinner <vstinner@python.org>
The long_from_string_base() might return a small integer, when the
_pylong.py is used to do conversion. Hence, we must be careful here to
not smash it "small int" bit by using the _PyLong_FlipSign().
Co-authored-by: Victor Stinner <vstinner@python.org>
(cherry picked from commit db5936c5b8)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
Miss Islington (bot)