Fix an off by one error in the peephole optimizer when checking for unreachable code beyond a return.
Do a bounds check within find_op so it can return before going past the end as a safety measure.
7db3c48833GH-diff-a33329ae6ae0bb295d742f0caf93c137
introduced this off by one error while fixing another one nearby.
This bug was shipped in all Python 3.6 and 3.7 releases.
The included unittest won't fail unless you do a clang msan build.
(cherry picked from commit 49fa4a9f1e)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Pydoc now does not duplicate docstrings for aliases of inherited methods.
(cherry picked from commit a44d34e179)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
The constructor of subprocess.CalledProcessError in the check_output function had an extra None in it.
(cherry picked from commit b93925047a)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
The test depended on '/usr/share/zoneinfo/posixrules' or equivalent
because it set TZ without explicit DST transition rules. At least
on OpenSUSE Tumbleweed that file is linked to '/etc/localtime',
making the test fail with certain local timezones,
such as 'Europe/Moscow' which doesn't have DST transitions since 2011.
(cherry picked from commit f1b9ad3d38)
Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
Two kind of mistakes:
1. Missed space. After concatenating there is no space between words.
2. Missed comma. Causes unintentional concatenating in a list of strings.
(cherry picked from commit 34fd4c2019)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
_io.IncrementalNewlineDecoder's initializer possibly assigns out-of-range
value to the bitwise struct field.
(cherry picked from commit b08746bfdf)
Co-authored-by: Xiang Zhang <angwerzx@126.com>
After commit d0f49d2f50, the output of the
test suite is always buffered as the test output needs to be included in
the JUnit file in same cases (as when a test fails). This has the
consequence that printing or using debuggers (like pdb) in the test
suite does not result in a good user experience anymore.
This commit modifies the test suite runner so it only captures the test
output when the JUnit file is requested to fix the regression so prints
and debuggers are usable again.
(cherry picked from commit 02277482ea)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* Use _PyUnicode_Copy in sanitize_isoformat_str
* Use repr in fromisoformat error message
This reverses commit 67b74a98b2 per Serhiy Storchaka's suggestion:
I suggested to use %R in the error message because including the raw
string can be confusing in the case of empty string, or string
containing trailing whitespaces, invisible or unprintable characters.
We agree that it is better to change both the C and pure Python versions
to use repr.
* Retain non-sanitized dtstr for error printing
This does not create an extra string, it just holds on to a reference to
the original input string for purposes of creating the error message.
* PEP 7 fixes to from_isoformat
* Separate handling of Unicode and other errors
In the initial implementation, errors other than encoding errors would
both raise an error indicating an invalid format, which would not be
true for errors like MemoryError.
* Drop needs_decref from _sanitize_isoformat_str
Instead _sanitize_isoformat_str returns a new reference, even to the
original string.
(cherry picked from commit 3df85404d4)
Co-authored-by: Paul Ganssle <pganssle@users.noreply.github.com>
Constructing bytes from mutating list could cause a crash.
(cherry picked from commit 914f9a078f)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
path_error() uses GetLastError() on Windows, but some os functions
are implemented via CRT APIs which report errors via errno.
This may result in raising OSError with invalid error code (such
as zero).
Introduce posix_path_error() function and use it where appropriate.
(cherry picked from commit 834603112e)
Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
The reprlib code was copied here instead of importing reprlib. I'm not sure if we really need to avoid the import, but since I expect dataclasses to be more common that reprlib, it seems wise. Plus, the code is small.
(cherry picked from commit dd13c88b53)
Co-authored-by: Srinivas Thatiparthy (శ్రీనివాస్ తాటిపర్తి) <srinivasreddy@users.noreply.github.com>
Adding `max_num_fields` to `cgi.FieldStorage` to make DOS attacks harder by
limiting the number of `MiniFieldStorage` objects created by `FieldStorage`.
(cherry picked from commit 209144831b)
Co-authored-by: matthewbelisle-wf <matthew.belisle@workiva.com>
C implementation of xml.etree.ElementTree.Element.__setstate__()
leaked references to children when called for already initialized
element.
(cherry picked from commit 6f906b3d72)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
On macOS, fix reading from and writing into a file with a size larger than 2 GiB.
(cherry picked from commit 74a8b6ea7e)
Co-authored-by: Stéphane Wirtel <stephane@wirtel.be>
[3.7] [bpo-23420](https://bugs.python.org/issue23420): Verify the value of '-s' when execute the CLI of cProfile (GH-9925)
Verify the value for the parameter '-s' of the cProfile CLI. Patch by Robert
Kuska.
Co-authored-by: Robert Kuska <rkuska@gmail.com>
(cherry picked from commit fcd5e84a51)
https://bugs.python.org/issue23420
Fix test_cmd_line_script.test_nonexisting_script(): the test must not
rely on sys.executable, since main.c uses config->program which can
be different than sys.executable in many cases (for example, on macOS
when using the framework).
(cherry picked from commit ea75187c68)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Methods find(), findtext() and findall() of xml.etree.ElementTree.Element
were not able to find chldren which are instances of Element subclasses.
(cherry picked from commit b11c5667f9)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Covered all special cases: bytes, tuple, list, differend
kinds of iterables and iterators.
(cherry picked from commit 1a997eb291)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
With macOS framework builds, test case test_nonexisting_script in
test_nonexisting_script fails because the test case assumes that
the file name in sys.executable will appear in the error message.
For macOS framework builds, sys.executable is the file name of the
stub launcher and its file name bears no relationship to the file
name of the actual python executable. For now, skip the test in
this case.
(cherry picked from commit f6c29a65e2)
Co-authored-by: Ned Deily <nad@python.org>
When Python is built with the intel control-flow protection flags,
-mcet -fcf-protection, gdb is not able to read the stack without
actually jumping inside the function. This means an extra
'next' command is required to make the $pc (program counter)
enter the function and make the stack of the function exposed to gdb.
Co-Authored-By: Marcel Plch <gmarcel.plch@gmail.com>
(cherry picked from commit 9b7c74ca32)
(cherry picked from commit 79d21331e6)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
bpo-6721: When os.fork() was called while another thread holds a logging lock, the child process may deadlock when it tries to log. This fixes that by acquiring all logging locks before fork and releasing them afterwards.
A regression test that fails before this change is included.
Within the new unittest itself: There is a small _potential_ due to mixing of fork and a thread in the child process if the parent's thread happened to hold a non-reentrant library call lock (malloc?) when the os.fork() happens. buildbots and time will tell if this actually manifests itself in this test or not. :/ A functionality test that avoids that would be a challenge.
An alternate test that isn't trying to produce the deadlock itself but just checking that the release and acquire calls are made would be the next best alternative if so.
(cherry picked from commit 19003841e9)
Co-authored-by: Gregory P. Smith <greg@krypto.org> [Google]
The C implementation of asyncio.Task currently fails to perform the
cancellation cleanup correctly in the following scenario.
async def task1():
async def task2():
await task3 # task3 is never cancelled
asyncio.current_task().cancel()
await asyncio.create_task(task2())
The actuall error is a hardcoded call to `future_cancel()` instead of
calling the `cancel()` method of a future-like object.
Thanks to Vladimir Matveev for noticing the code discrepancy and to
Yury Selivanov for coming up with a pathological scenario..
(cherry picked from commit 548ce9dedd)
Co-authored-by: Elvis Pranskevichus <elvis@magic.io>
https://bugs.python.org/issue34872
Fix a reference issue inside multiprocessing.Pool that caused the pool to remain alive if it was deleted without being closed or terminated explicitly.
(cherry picked from commit 97bfe8d3eb)
Co-authored-by: tzickel <tzickel@users.noreply.github.com>
* Compiling a string annotation containing a lambda with keyword-only
argument without default value caused a crash.
* Remove the final "*" (it is incorrect syntax) in the representation of
lambda without *args and keyword-only arguments when compile from AST.
* Improve the representation of lambda without arguments.
(cherry picked from commit 2a2940e5c3)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Improvements:
1. Include the number of valid data characters in the error message.
2. Mention "number of data characters" rather than "length".
https://bugs.python.org/issue34736
(cherry picked from commit 1fba2ffc37)
Co-authored-by: Tal Einat <taleinat+github@gmail.com>
After some failures in AMD64 FreeBSD CURRENT Debug 3.x buildbots
regarding tests in test_socket that are using
testFDPassSeparateMinSpace(), FreeBDS revision 337423 was pointed
out to be the reason the test started to fail.
A close examination of the manpage for cmsg_space(3) reveals that
the number of file descriptors needs to be taken into account when
using CMSG_LEN().
This commit fixes tests in test_socket to use correctly CMSG_LEN, taking
into account the number of FDs.
(cherry picked from commit 7291108d88)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
When dict subclass overrides order (`__iter__()`, `keys()`, and `items()`), `dict(o)`
should use it instead of dict ordering.
https://bugs.python.org/issue34320
(cherry picked from commit 2aaf98c16a)
Co-authored-by: INADA Naoki <methane@users.noreply.github.com>
Make sure that "./python script.py" does not crash if the script
file doesn't exist.
(cherry picked from commit a46467ff19)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
The SAX parser no longer processes general external entities by default
to increase security. Before, the parser created network connections
to fetch remote files or loaded local files from the file system for DTD
and entities.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue17239.
(cherry picked from commit 17b1d5d4e3)
Co-authored-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue17239
Add SSLContext.post_handshake_auth and
SSLSocket.verify_client_post_handshake for TLS 1.3 post-handshake
authentication.
Signed-off-by: Christian Heimes <christian@python.org>q
https://bugs.python.org/issue34670.
(cherry picked from commit 9fb051f032)
Co-authored-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue34670
OpenSSL follows the convention that whenever you call a function, it
returns an error indicator value; and if this value is negative, then
you need to go look at the actual error code to see what happened.
Commit c6fd1c1c3a introduced a small mistake in
_ssl__SSLSocket_shutdown_impl: instead of checking whether the error
indicator was negative, it started checking whether the actual error
code was negative, and it turns out that the error codes are never
negative. So the effect was that 'unwrap()' lost the ability to raise
SSL errors.
https://bugs.python.org/issue34759
(cherry picked from commit c0da582b22)
Co-authored-by: Nathaniel J. Smith <njs@pobox.com>
We cannot simply call locale.getpreferredencoding() here,
as GDB might have been linked against a different version
of Python with a different encoding and coercion policy
with respect to PEP 538 and PEP 540.
Thanks to Victor Stinner for a hint on how to fix this.
(cherry picked from commit 7279b5125e)
Co-authored-by: Elvis Pranskevichus <elvis@magic.io>
Miss Islington (bot)
Steve Dower
Serhiy Storchaka
Victor Stinner
Stéphane Wirtel
Elvis Pranskevichus
Christian Heimes
Ethan Furman