CVE-2019-9948: Avoid file reading by disallowing local-file:// and
local_file:// URL schemes in URLopener().open() and
URLopener().retrieve() of urllib.request.
Gregory P. Smith [Wed, 29 May 2019 02:08:28 +0000 (19:08 -0700)]
[3.6] bpo-35925: Skip SSL tests that fail due to weak external certs or old TLS (GH-13124) (GH-13252)
* [3.6] bpo-35925: Skip SSL tests that fail due to weak external certs. (GH-13124)
Modern Linux distros such as Debian Buster have default OpenSSL system
configurations that reject connections to servers with weak certificates
by default. This causes our test suite run with external networking
resources enabled to skip these tests when they encounter such a failure.
Miro Hrončok [Wed, 8 May 2019 16:33:24 +0000 (18:33 +0200)]
bpo-30458: Disallow control chars in http URLs. (GH-12755) (GH-13155)
Disallow control chars in http URLs in urllib.urlopen. This addresses a potential security problem for applications that do not sanity check their URLs where http request headers could be injected.
Disable https related urllib tests on a build without ssl (GH-13032)
These tests require an SSL enabled build. Skip these tests when python is built without SSL to fix test failures.
Use http.client.InvalidURL instead of ValueError as the new error case's exception. (GH-13044)
Under some conditions the earlier fix for bpo-18075, "Infinite recursion
tests triggering a segfault on Mac OS X", now causes failures on macOS
when attempting to change stack limit with resource.setrlimit
resource.RLIMIT_STACK, like regrtest does when running the test suite.
The reverted change had specified a non-default stack size when linking
the python executable on macOS. As of macOS 10.14.4, the previous
code causes a hard failure when running tests, although similar
failures had been seen under some conditions under some earlier
systems. For now, revert the original change and resume using
the default stack size when linking the interpreter.
(cherry picked from commit 883dfc668f9730b00928730035b5dbd24b9da2a0)
bpo-35121: prefix dot in domain for proper subdomain validation (GH-10258) (GH-12260)
Don't send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with `http.cookiejar.DefaultCookiePolicy` policy. Patch by Karthikeyan Singaravelan.
(cherry picked from commit ca7fe5063593958e5efdf90f068582837f07bd14)
bpo-35486: Note Py3.6 import system API requirement change (GH-11540) (GH-11588)
While the introduction of ModuleNotFoundError was fully backwards
compatible on the import API consumer side, folks providing alternative
implementations of `__import__` need to make an update to be
forward compatible with clients that start relying on the new subclass.
bpo-35601: Alleviate race condition when waiting for SIGALRM in test_asyncio (GH-11337) (GH-11348)
There is a race condition regarding signal delivery in test_signal_handling_args for
test_asyncio.test_events.KqueueEventLoopTests. The signal can be received at any moment outside the time window provided in the test. The fix is to wait for the signal to be received instead with a bigger timeout.
(cherry picked from commit 5471420faa84519530f29b08f2b042b2288e3e96)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
bpo-35746: Fix segfault in ssl's cert parser (GH-11569) (GH-11573)
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.
Due to regressions found with using Tk 8.6.9.1, the python.org macOS
installers for 3.6.8 and 3.7.2 are shipping with Tcl/Tk 8.6.8 as used
in previous releases.
bpo-35257: fix broken BLDSHARED - needs LDFLAGS too (GH-11297) (GH-11299)
`BLDSHARED` needs to have both `LDFLAGS` and `LDFLAGS_NODIST`, not just `LDFLAGS_NODIST`; `PY_CORE_LDFLAGS` provides both. For example, as it stands now with just `LDFLAGS_NODIST`, macOS universal builds are broken as the necessary `-arch` flags are no longer passed to the standard library extension module link step from `setup.py` resulting in extension modules being single architecture only.
When compiling 3rd party C extensions, the linker flags used by the
compiler for the interpreter and the stdlib modules, will get
leaked into distutils. In order to avoid that, the PY_CORE_LDFLAGS
and PY_LDFLAGS_NODIST are introduced to keep those flags separated.
Victor Stinner [Thu, 20 Dec 2018 19:46:07 +0000 (20:46 +0100)]
bpo-35499: make profile-opt don't override CFLAGS_NODIST (GH-11164) (GH-11267)
"make profile-opt" no longer replaces CFLAGS_NODIST with CFLAGS. It
now adds profile-guided optimization (PGO) flags to CFLAGS_NODIST,
existing CFLAGS_NODIST flags are kept.
bpo-35426: Eliminate race condition in test_interprocess_signal (GH-11087)
The test only except SIGUSR1Exception inside wait_signal(), but the signal can be sent during subprocess_send_signal() call.
(cherry picked from commit 2ab2afd387084ba38a37f5944fcb0675113b64dc)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
bpo-31374: Include pyconfig.h earlier in expat (GH-11064)
Include <pyconfig.h> ealier in Modules/expat/xmltok.c to define
properly _POSIX_C_SOURCE. Python defines _POSIX_C_SOURCE as 200809L,
whereas <features.h> (included indirectly by <string.h>) defines
_POSIX_C_SOURCE as 199506L.
(cherry picked from commit cf247359d5b7082044eea1fa94b5211a172b1ff6)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
The length check for AF_ALG salg_name and salg_type had a off-by-one
error. The code assumed that both values are not necessarily NULL
terminated. However the Kernel code for alg_bind() ensures that the last
byte of both strings are NULL terminated.
Victor Stinner [Mon, 10 Dec 2018 10:53:09 +0000 (11:53 +0100)]
bpo-35052: Fix handler on xml.dom.minidom.cloneNode() (GH-11061) (GH-11067)
Fix xml.dom.minidom cloneNode() on a document with an entity: pass
the correct arguments to the user data handler of an entity (fix an
old copy/paste mistake).
Bug spotted and fix proposed by Charalampos Stratakis, initial
reproducer written by Petr Viktorin.
Co-Authored-By: Charalampos Stratakis <cstratak@redhat.com> Co-Authored-By: Petr Viktorin <encukou@gmail.com>
(cherry picked from commit 8e0418688906206fe59bd26344320c0fc026849e)
bpo-35351: Pass link time optimization flags to CFLAGS_NODIST (GH-10797)
When using link time optimizations, the -flto flag is passed to
BASECFLAGS, which makes it propagate to distutils. Those flags
should be reserved for the interpreter and the stdlib extension
modules only, thus moving those flags to CFLAGS_NODIST.
(cherry picked from commit f92c7aa1ae81efa475b5aecf66e4711ef0f52c4c)
stratakis [Sun, 9 Dec 2018 08:08:43 +0000 (09:08 +0100)]
bpo-28015: Support LTO build with clang (GH-9908) (GH-10922)
.o generated by clang in LTO mode actually are LLVM bitcode files, which
leads to a few errors during configure/build step:
- add lto flags to the BASECFLAGS instead of CFLAGS, as CFLAGS are used
to build autoconf test case, and some are not compatible with clang LTO
(they assume binary in the .o, not bitcode)
- force llvm-ar instead of ar, as ar is not aware of .o files generated
by clang -flto
(cherry picked from commit 5ad36f9b21a3aa3b2265b1b43d73522cc3322df2)
bpo-35330: Don't call the wrapped object if `side_effect` is set (GH11034)
* tests: Further validate `wraps` functionality in `unittest.mock.Mock`
Add more tests to validate how `wraps` interacts with other features of
mocks.
* Don't call the wrapped object if `side_effect` is set
When a object is wrapped using `Mock(wraps=...)`, if an user sets a
`side_effect` in one of their methods, return the value of `side_effect`
and don't call the original object.
* Refactor what to be called on `mock_call`
When a `Mock` is called, it should return looking up in the following
order: `side_effect`, `return_value`, `wraps`. If any of the first two
return `mock.DEFAULT`, lookup in the next option.
It makes no sense to check for `wraps` returning default, as it is
supposed to be the original implementation and there is nothing to
fallback to.
(cherry picked from commit f05df0a4b679d0acfd0b1fe6187ba2d553b37afa)
Co-authored-by: Mario Corchero <mariocj89@gmail.com>
bpo-35363: test_eintr runs eintr_tester.py in verbose mode (GH-10965)
Moreover, "python3 -m test test_eintr -v" now avoids redirecting
stdout/stderr to a pipe, the child process inherits stdout/stderr
from the parent.
(cherry picked from commit aa8ae904ad2f576f8e7b38a9a6542d3e9a569be9)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
bpo-35310: Clear select() lists before returning upon EINTR (GH-10877)
select() calls are retried on EINTR (per PEP 475). However, if a
timeout was provided and the deadline has passed after running the
signal handlers, rlist, wlist and xlist should be cleared since select(2)
left them unmodified.
(cherry picked from commit 7f52415a6d4841d77d3b7853e83b25a22e0048dc)
Co-authored-by: Oran Avraham <252748+oranav@users.noreply.github.com>
bpo-34185: Fix test module collision in test_bdb when ran as script. (GH-8537) (GH-10936)
When running test_bdb.py as a script, `import test_module` would be
importing the existing Lib/test/test_modules.py instead of the
tempcwd/test_module.py module which was dynamically created by
test_bdb.py itself.
(cherry picked from commit 54fd45505b3a365e6d53441e6dd7e0d1ec13b46f)
Co-authored-by: Alex H <1884912+lajarre@users.noreply.github.com>
* posixpath.expanduser() now returns the input path unchanged if
the HOME environment variable is not set and pwd.getpwuid() raises
KeyError (the current user identifier doesn't exist in the password
database).
* Add test_no_home_directory() to test_site.
* PyInit_time() now returns NULL if an exception is raised.
* Rename PyInit_timezone() to init_timezone(). "PyInit_" prefix is
a special prefix for function initializing a module.
init_timezone() doesn't initialize a module and the function is not
exported.
projects / python / log