gh-126455: Disallow _ssl.SSLSocket instantiation (GH-126481)
Prevent creation of incomplete/invalid _ssl.SSLSocket objects when
created directly.
(cherry picked from commit b1c4ffc205)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-126425: Refactor `_lsprof_Profiler_enable` (GH-126426)
- Explicit memory management for `None` objects (since we still try to treat immortal objects as regular objects)
- Respect possible errors of `sys.monitoring.register_callback` call
(cherry picked from commit 75872605aa)
Co-authored-by: sobolevn <mail@sobolevn.me>
gh-126080: fix UAF on `task->task_context` in `task_call_step_soon` due to an evil `loop.__getattribute__` (GH-126120)
(cherry picked from commit 0e8665554b)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-126083: Fix a reference leak in `asyncio.Task` when reinitializing with new non-`None` context (GH-126103)
(cherry picked from commit d07dcce693)
Co-authored-by: Nico-Posada <102486290+Nico-Posada@users.noreply.github.com>
Yak-shave in preparation for Argument Clinic adaption in gh-125999.
(cherry picked from commit 9b14083497)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
gh-125966: fix use-after-free on `fut->fut_callback0` due to an evil callback's `__eq__` in asyncio (GH-125967)
(cherry picked from commit ed5059eeb1)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-125984: fix use-after-free on `fut->fut_{callback,context}0` due to an evil `loop.__getattribute__` (GH-126003)
(cherry picked from commit f819d4301d)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-125969: fix OOB in `future_schedule_callbacks` due to an evil `call_soon` (GH-125970)
(cherry picked from commit c5b99f5c2c)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Co-authored-by: Andrew Svetlov <andrew.svetlov@gmail.com>
GH-125789: fix `fut._callbacks` to always return a copy of callbacks (#125922)
Fix `asyncio.Future._callbacks` to always return a copy of the internal list of callbacks to avoid mutation from user code affecting the internal state.
(cherry picked from commit cae853e3b4)
This includes a drive-by cleanup in _queues_init() and _queues_fini().
This change also applies to the _interpchannels module.
(cherry picked from commit 4848b0b92c, AKA gh-125803)
Co-authored-by: Eric Snow <ericsnowcurrently@gmail.com>
The fix applies to the _interpchannels module as well.
I've also included a drive-by typo fix for _interpqueues.
(cherry picked from commit 44f841f01a, AKA gh-125802)
Co-authored-by: Eric Snow <ericsnowcurrently@gmail.com>
This is a follow up of GH-124974. Only Glibc needed a fix.
Now the returned value is a string consisting of semicolon-separated
symbols on all Posix platforms.
(cherry picked from commit dcc4fb2c90)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-125667: Statically Initialize the Arg Converter Data Values in _interpqueuesmodule.c (gh-125668)
(cherry picked from commit 7cf2dbc3cb)
Co-authored-by: Eric Snow <ericsnowcurrently@gmail.com>
Fix time.strftime(), the strftime() method and formatting of the
datetime classes datetime, date and time.
* Characters not encodable in the current locale are now acceptable in
the format string.
* Surrogate pairs and sequence of surrogatescape-encoded bytes are no
longer recombinated.
* Embedded null character no longer terminates the format string.
This fixes also gh-78662 and gh-124531.
(cherry picked from commit ad3eac1963)
Lock `ZoneInfoType` to protect accesses to `ZONEINFO_STRONG_CACHE`.
Refactor the `tp_new` handler to use Argument Clinic so that we can just
use `@critical_section` annotations on the relevant functions.
Also use `PyDict_SetDefaultRef` instead of `PyDict_SetDefault` when
inserting into the `TIMEDELTA_CACHE`.
(cherry picked from commit f1d33dbddd)
Co-authored-by: Sam Gross <colesbury@gmail.com>
gh-125235: Keep `_tkinter` TCL paths pointing to base installation on Windows (GH-125250)
(cherry picked from commit b3aa1b5fe2)
Signed-off-by: y5c4l3 <y5c4l3@proton.me>
Co-authored-by: Y5 <124019959+y5c4l3@users.noreply.github.com>
Returns a tuple of up to 100 strings for ALT_DIGITS lookup (an empty tuple on most locales).
Previously it returned the first item of that tuple or an empty string.
(cherry picked from commit 21c04e1a97)
memcopy'ing arbitrary values to _Bool variable triggers undefined
behaviour. Avoid this.
We assume that `false` is represented by all zero bytes.
Credits to Alex Gaynor.
(cherry picked from commit 87d7315ac5)
Co-authored-by: Sam Gross <colesbury@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Petr Viktorin <encukou@gmail.com>
gh-120378: Fix crash caused by integer overflow in `curses` (GH-124555)
This is actually an upstream problem in curses, and has been reported
to them already:
https://lists.gnu.org/archive/html/bug-ncurses/2024-09/msg00101.html
This is a nice workaround in the meantime to prevent the segfault.
(cherry picked from commit c2ba931318)
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-116810: fix memory leak in ssl module (GH-123249)
Resolve a memory leak introduced in CPython 3.10's :mod:`ssl` when the :attr:`ssl.SSLSocket.session` property was accessed. Speeds up read and write access to said property by no longer unnecessarily cloning session objects via serialization.
(cherry picked from commit 7e7223e18f)
Co-authored-by: Jeffrey R. Van Voorst <jeff.vanvoorst@gmail.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Co-authored-by: Antoine Pitrou <antoine@python.org>
Revert the incremental GC in 3.13, since it's not clear that without further turning, the benefits outweigh the costs.
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Buildbot failure on Windows 10 with MSC v.1916 64 bit (AMD64):
FAIL: testFmod (test.test_math.MathTests.testFmod)
----------------------------------------------------------------------
Traceback (most recent call last):
File "D:\buildarea\3.x.bolen-windows10\build\Lib\test\test_math.py", line 605, in testFmod
self.ftest('fmod(-10, 1)', math.fmod(-10, 1), -0.0)
~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "D:\buildarea\3.x.bolen-windows10\build\Lib\test\test_math.py", line 258, in ftest
self.fail("{}: {}".format(name, failure))
~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AssertionError: fmod(-10, 1): expected -0.0, got 0.0 (zero has wrong sign)
Here Windows loose sign of the result; if y is nonzero, the result
should have the same sign as x.
This amends commit 28aea5d07d.
(cherry picked from commit f4dd440210)
gh-123797: Check for runtime availability of `ptsname_r` on macos (GH-123806)
(cherry picked from commit 3e36e5aef1)
Co-authored-by: sobolevn <mail@sobolevn.me>
gh-124248: Fix crash in struct when processing 0p fields (GH-124251)
(cherry picked from commit 63f196090f)
Co-authored-by: Brian Schubert <brianm.schubert@gmail.com>
gh-123017: Add Android to the list of platforms where `strftime` doesn't support negative years (GH-124467)
Add Android to the list of platforms where `strftime` doesn't support negative years
(cherry picked from commit 0a3577bdfc)
Co-authored-by: Malcolm Smith <smith@chaquo.com>
Switch more _Py_IsImmortal(...) assertions to _Py_IsImmortalLoose(...)
The remaining calls to _Py_IsImmortal are in free-threaded-only code,
initialization of core objects, tests, and guards that fall back to
code that works with mortal objects.
(cherry picked from commit 57c471a688)
gh-123431: Harmonize extension code checks in pickle (GH-123434)
This checks are redundant in normal circumstances and can only work if
the extension registry was intentionally broken.
* The Python implementation now raises exception for the extension code
with false boolean value.
* Simplify the C code. RuntimeError is now raised in explicit checks.
* Add many tests.
(cherry picked from commit 0c3ea30238)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-123213: Fixed xml.etree.ElementTree.Element.extend and assignment to no longer hide exceptions (GH-123214)
(cherry picked from commit 90b6d0e0f8)
Co-authored-by: Bar Harel <bharel@barharel.com>
* Parameters after the var-positional parameter are now keyword-only
instead of positional-or-keyword.
* Correctly calculate min_kw_only.
* Raise errors for invalid combinations of the var-positional parameter
with "*", "/" and deprecation markers.
(cherry picked from commit 8393608dd9)