[3.11] gh-106033: Get rid of new occurrences of PyDict_GetItem and PyObject_HasAttr (GH-106034)
These functions are broken by design because they discard any exceptions raised
inside, including MemoryError and KeyboardInterrupt. They should not be
used in new code..
(cherry picked from commit 1d33d53780)
* [3.11] gh-105375: Explicitly initialise all {Pickler,Unpickler}Object fields (#105686)
All fields must be explicitly initialised to prevent manipulation of
uninitialised fields in dealloc.
Align initialisation order with the layout of the object structs.
(cherry picked from commit ca3cc4b95d)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
gh-105436: The environment block should end with two null wchar_t values (GH-105495)
(cherry picked from commit 4f7d3b602d)
Co-authored-by: Dora203 <66343334+sku2000@users.noreply.github.com>
Prevent repeated PyLong_FromVoidPtr() from possibly overwriting the
current exception.
(cherry picked from commit e8998e46a7)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Fix a bug where an exception could end up being overwritten.
(cherry picked from commit c932f72849)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Improve error handling so init bails on the first exception.
(cherry picked from commit 16d49680b5)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Fix a bug where 'tp_richcompare' could end up overwriting an exception.
(cherry picked from commit 35cff545db)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Fix bugs where exceptions could end up being overwritten
because of deferred error handling.
(cherry picked from commit 33c92c4f15)
Co-authored-by: Nikita Sobolev <mail@sobolevn.me>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Fix bugs where exceptions could end up being overwritten.
(cherry picked from commit 00b599ab5a)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Fix a bug where an IndexError could end up being overwritten.
(cherry picked from commit f668f73bc8)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Check for error after each call to PyUnicode_FromStringAndSize().
(cherry picked from commit a24a780d93)
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
gh-104399: Use newer libtommath APIs when necessary (GH-104407)
(cherry picked from commit 00d73caf80)
Co-authored-by: Christopher Chavez <chrischavez@gmx.us>
Upgrade builds to OpenSSL 1.1.1u.
This OpenSSL version addresses a pile if less-urgent CVEs since 1.1.1t.
The Mac/BuildScript/build-installer.py was already updated.
Also updates _ssl_data_111.h from OpenSSL 1.1.1u, _ssl_data_300.h from 3.0.9.
Manual edits to the _ssl_data_300.h file prevent it from removing any existing definitions in case those exist in some peoples builds and were important (avoiding regressions during backporting).
(cherry picked from commit ede89af)
Move all of the Python C API calls into the parent process up front
instead of doing PyLong_AsLong and PyErr_Occurred and PyTuple_GET from
the post-fork/vfork child process.
Much of this was long overdue. We shouldn't have been using PyTuple and
PyLong APIs within all of these low level functions anyways.
This is a backport of c649df6 for #104518 and the tiny adjustment in d1732fe#104697.
Backporting this allows backporting of the real bug fix that requires it.
Co-authored-by: Gregory P. Smith [Google] <greg@krypto.org>
Add IPv6 into to the docstring for socket.getsockname (GH-102961)
(cherry picked from commit ecc5441505)
Signed-off-by: Brian Haley <haleyb.dev@gmail.com>
Co-authored-by: Brian Haley <brianphaley@gmail.com>
gh-101857: Allow xattr detection on musl libc (GH-101858)
Previously, we checked exclusively for `__GLIBC__` (AND'd with some other
conditions). Checking for `__linux__` instead should be fine.
This fixes using e.g. `os.listxattr()` on systems using musl libc.
Bug: https://bugs.gentoo.org/894130
(cherry picked from commit 8be8101bca)
Co-authored-by: Sam James <sam@gentoo.org>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
GH-104308: socket.getnameinfo should release the GIL (GH-104307)
* socket.getnameinfo should release the GIL
* 📜🤖 Added by blurb_it.
---------
(cherry picked from commit faf196213e)
Co-authored-by: Nathaniel J. Smith <njs@pobox.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Migrate `SSLContext.set_ecdh_curve()` not to use deprecated OpenSSL APIs.
(cherry picked from commit 35167043e3)
Co-authored-by: Dong-hee Na <donghee.na@python.org>
GH-25309 enabled SSL_OP_IGNORE_UNEXPECTED_EOF by default, with a comment
that it restores OpenSSL 1.1.1 behavior, but this wasn't quite right.
That option causes OpenSSL to treat transport EOF as the same as
close_notify (i.e. SSL_ERROR_ZERO_RETURN), whereas Python actually has
distinct SSLEOFError and SSLZeroReturnError exceptions. (The latter is
usually mapped to a zero return from read.) In OpenSSL 1.1.1, the ssl
module would raise them for transport EOF and close_notify,
respectively. In OpenSSL 3.0, both act like close_notify.
Fix this by, instead, just detecting SSL_R_UNEXPECTED_EOF_WHILE_READING
and mapping that to the other exception type.
There doesn't seem to have been any unit test of this error, so fill in
the missing one. This had to be done with the BIO path because it's
actually slightly tricky to simulate a transport EOF with Python's fd
based APIs. (If you instruct the server to close the socket, it gets
confused, probably because the server's SSL object is still referencing
the now dead fd?)
(cherry picked from commit 420bbb783b)
Co-authored-by: David Benjamin <davidben@google.com>
gh-102027: Fix macro name (GH-102124)
This fixes the ssse3 / sse2 detection when sse4 is available.
(cherry picked from commit ea93bde4ec)
Co-authored-by: Max Bachmann <kontakt@maxbachmann.de>
Co-authored-by: Oleg Iarygin <oleg@arhadthedev.net>
(cherry picked from commit 1a84cc007e)
Co-authored-by: Kumar Aditya <59607654+kumaraditya303@users.noreply.github.com>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Fix missing 'is' in cmath.log() docstring.
(cherry picked from commit 71f614ef2a)
Co-authored-by: Owain Davies <116417456+OTheDev@users.noreply.github.com>
[3.11] gh-99952: [ctypes] fix refcount issues in from_param() result. (GH-100169)
Fixes a reference counting issue with `ctypes.Structure` when a `from_param()` method call is used and the structure size is larger than a C pointer `sizeof(void*)`.
This problem existed for a very long time, but became more apparent in 3.8+ by change likely due to garbage collection cleanup timing changes..
(cherry picked from commit dfad678d70)
Co-authored-by: Yukihiro Nakadaira <yukihiro.nakadaira@gmail.com>
When getaddrinfo returns an error, the output pointer is in an unknown state
Don't call freeaddrinfo on it. See the issue for discussion and details with
links to reasoning. _Most_ libc getaddrinfo implementations never modify the
output pointer unless they are returning success.
(cherry picked from commit b724ac2fe7)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Co-authored-by: Sergey G. Brester <github@sebres.de>
Co-authored-by: Oleg Iarygin <dralife@yandex.ru>