Issue #22885: Fixed arbitrary code execution vulnerability in the dbm.dumb

module.  Original patch by Claudiu Popa.

diff --cc Lib/dbm/dumb.py
Simple merge

diff --cc Lib/test/test_dbm_dumb.py
index ee5a32f3fb0a1c1fab515c64609a87f9a6f3efd9,dc88ca64dcfdfd85f78dc1db292f0e90c3839a70..ff63c88c0bc5c81342c961568b1ed82f315140ff
--- 1/Lib/test/test_dbm_dumb.py
--- 2/Lib/test/test_dbm_dumb.py
+++ b/Lib/test/test_dbm_dumb.py
@@@ -217,14 -217,15 +217,23 @@@ class DumbDBMTestCase(unittest.TestCase
              self.assertEqual(str(cm.exception),
                               "DBM object has already been closed")
  
 +    def test_create_new(self):
 +        with dumbdbm.open(_fname, 'n') as f:
 +            for k in self._dict:
 +                f[k] = self._dict[k]
 +
 +        with dumbdbm.open(_fname, 'n') as f:
 +            self.assertEqual(f.keys(), [])
 +
+     def test_eval(self):
+         with open(_fname + '.dir', 'w') as stream:
+             stream.write("str(print('Hacked!')), 0\n")
+         with support.captured_stdout() as stdout:
+             with self.assertRaises(ValueError):
+                 with dumbdbm.open(_fname) as f:
+                     pass
+             self.assertEqual(stdout.getvalue(), '')
+ 
      def tearDown(self):
          _delete_files()
  

diff --cc Misc/NEWS
index 3712a98431d546b8929a18fd1e8b9e72c148133d,b453fe458d2f8af96d4761628f9224e2f4f3d1f6..f836c8d209fff4572372cd99beff65c273e50098
--- 1/Misc/NEWS
--- 2/Misc/NEWS
+++ b/Misc/NEWS
@@@ -13,8 -13,9 +13,11 @@@ Core and Builtin
  Library
  -------
  
+ - Issue #22885: Fixed arbitrary code execution vulnerability in the dbm.dumb
+   module.  Original patch by Claudiu Popa.
+ 
 +- Issue #23239: ssl.match_hostname() now supports matching of IP addresses.
 +
  - Issue #23146: Fix mishandling of absolute Windows paths with forward
    slashes in pathlib.