PublicArchive/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2026-05-12 15:39:22 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
d38298a9ba1663fe7c9ea5a765dbdb0c6c370f54
cpython/Include
T
History
Sebastian Pipping 0a01ed6c2a [3.12] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115623) (GH-116248) 
Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods:

- `xml.etree.ElementTree.XMLParser.flush`
- `xml.etree.ElementTree.XMLPullParser.flush`
- `xml.parsers.expat.xmlparser.GetReparseDeferralEnabled`
- `xml.parsers.expat.xmlparser.SetReparseDeferralEnabled`
- `xml.sax.expatreader.ExpatParser.flush`

Based on the "flush" idea from https://github.com/python/cpython/pull/115138#issuecomment-1932444270 .

- Please treat as a security fix related to CVE-2023-52425.

(cherry picked from commit 6a95676bb5)
(cherry picked from commit 73807eb634)
(cherry picked from commit eda2963378)

---------

Includes code suggested-by: Snild Dolkow <snild@sony.com>
and by core dev Serhiy Storchaka.
Co-authored-by: Gregory P. Smith <greg@krypto.org>
2024-03-06 22:01:45 +00:00
..
cpython
[3.12] chore: fix typos (#116345) (#116370)
2024-03-05 18:51:17 +00:00
internal
[3.12] chore: fix typos (#116345) (#116370)
2024-03-05 18:51:17 +00:00
abstract.h
bltinmodule.h
boolobject.h
[3.12] gh-106560: Fix redundant declarations in Include/ (#112611) (#112650)
2023-12-03 11:45:32 +00:00
bytearrayobject.h
bytesobject.h
ceval.h
codecs.h
compile.h
[3.12] gh-109596: Ensure repeated rules in the grammar are not allowed and fix incorrect soft keywords (GH-109606). (#109752)
2023-10-02 17:22:07 +02:00
complexobject.h
datetime.h
descrobject.h
gh-103509: PEP 697 -- Limited C API for Extending Opaque Types (GH-103511)
2023-05-04 09:56:53 +02:00
dictobject.h
dynamic_annotations.h
enumobject.h
errcode.h
[3.12] gh-107450: Check for overflow in the tokenizer and fix overflow test (GH-110832) (#110931)
2023-10-16 18:59:18 +02:00
exports.h
fileobject.h
[3.12] gh-77782: Deprecate Py_HasFileSystemDefaultEncoding (GH-106272) (#106274)
2023-06-30 10:21:36 +00:00
fileutils.h
floatobject.h
frameobject.h
genericaliasobject.h
import.h
interpreteridobject.h
[3.12] gh-101524: Only Use Public C-API in the _xxsubinterpreters Module (gh-105258) (gh-107303)
2023-07-27 13:15:47 -06:00
intrcheck.h
iterobject.h
listobject.h
longobject.h
[3.12] gh-106560: Fix redundant declarations in Include/ (#112611) (#112650)
2023-12-03 11:45:32 +00:00
marshal.h
memoryobject.h
methodobject.h
modsupport.h
[3.12] gh-107226: PyModule_AddObjectRef() should only be in the limited API 3.10 (GH-107227) (GH-107260)
2023-07-25 23:01:18 +03:00
moduleobject.h
[3.12] gh-111698: Restrict Py_mod_multiple_interpreters to 3.12+ Under Py_LIMITED_API (gh-111707) (gh-111787)
2023-11-27 19:42:27 -07:00
object.h
[3.12] gh-109496: Detect Py_DECREF() after dealloc in debug mode (GH-109539) (#109545)
2023-09-18 17:39:27 +00:00
objimpl.h
gh-102013: Add PyUnstable_GC_VisitObjects (#102014)
2023-03-14 01:35:54 +00:00
opcode.h
gh-103865: add monitoring support to LOAD_SUPER_ATTR (#103866)
2023-05-16 10:29:00 -06:00
osdefs.h
osmodule.h
patchlevel.h
Post 3.12.2
2024-02-07 00:44:32 +01:00
py_curses.h
pybuffer.h
gh-102500: Implement PEP 688 (#102521)
2023-05-04 07:59:46 -07:00
pycapsule.h
pydtrace.d
pydtrace.h
pyerrors.h
pyexpat.h
[3.12] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115623) (GH-116248)
2024-03-06 22:01:45 +00:00
pyframe.h
pyhash.h
pylifecycle.h
pymacconfig.h
[3.12] gh-110820: Disable test_signal.test_stress_modifying_handlers on macOS (GH-112834)
2023-12-09 15:53:16 +01:00
pymacro.h
gh-99069: Consolidate checks for static_assert (#94766)
2023-04-05 17:09:19 +02:00
pymath.h
gh-104263: Rely on Py_NAN and introduce Py_INFINITY (GH-104202)
2023-05-10 17:44:52 +01:00
pymem.h
pyport.h
[3.12] gh-63760: Don't declare gethostname() on Solaris (#108817) (#108824)
2023-09-02 23:47:25 +02:00
pystate.h
pystats.h
Remove useless symbol in pystats.h (#101864)
2023-04-09 14:13:21 +05:30
pystrcmp.h
pystrtod.h
Python.h
pythonrun.h
gh-102755: PyErr_DisplayException only in ABI >= 3.12. Tests cover PyErr_Display as well (GH-102849)
2023-03-21 10:36:18 +01:00
pythread.h
pytypedefs.h
rangeobject.h
README.rst
setobject.h
sliceobject.h
structmember.h
structseq.h
sysmodule.h
gh-103295: expose API for writing perf map files (#103546)
2023-05-21 11:12:24 +01:00
traceback.h
tracemalloc.h
GH-101520: Move tracemalloc functionality into core, leaving interface in Modules. (#104508)
2023-05-17 14:17:16 +01:00
tupleobject.h
typeslots.h
unicodeobject.h
Fix typo in "expected" word in few source files (#104034)
2023-05-01 09:45:50 -06:00
warnings.h
weakrefobject.h

README.rst 

The Python C API
================

The C API is divided into these sections:

1. ``Include/``: Limited API
2. ``Include/cpython/``: CPython implementation details
3. ``Include/cpython/``, names with the ``PyUnstable_`` prefix: API that can
   change between minor releases
4. ``Include/internal/``, and any name with ``_`` prefix: The internal API

Information on changing the C API is available `in the developer guide`_

.. _in the developer guide: https://devguide.python.org/c-api/
Reference in New Issue View Git Blame Copy Permalink