Update to 3.8.0a1
Uses tilde for prerelease information, https://docs.fedoraproject.org/en-US/packaging-guidelines/Versioning/#_versioning_prereleases_with_tilde Patches rebased: 111, 132 Patches merged upstream: 155, 170 (differently), 317 /usr/bin/pyvenv is no more
This commit is contained in:
parent
1cdc336f35
commit
1fb3c04b75
@ -1,17 +1,17 @@
|
||||
diff --git a/Makefile.pre.in b/Makefile.pre.in
|
||||
index 0db0dd0..bd8f769 100644
|
||||
index f8ff1ce..f297d05 100644
|
||||
--- a/Makefile.pre.in
|
||||
+++ b/Makefile.pre.in
|
||||
@@ -574,7 +574,7 @@ clinic: check-clean-src $(srcdir)/Modules/_blake2/blake2s_impl.c
|
||||
@@ -573,7 +573,7 @@ clinic: check-clean-src $(srcdir)/Modules/_blake2/blake2s_impl.c
|
||||
$(PYTHON_FOR_REGEN) $(srcdir)/Tools/clinic/clinic.py --make --srcdir $(srcdir)
|
||||
|
||||
# Build the interpreter
|
||||
-$(BUILDPYTHON): Programs/python.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY)
|
||||
+$(BUILDPYTHON): Programs/python.o $(LDLIBRARY) $(PY3LIBRARY)
|
||||
$(LINKCC) $(PY_CORE_LDFLAGS) $(LINKFORSHARED) -o $@ Programs/python.o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST)
|
||||
$(LINKCC) $(PY_CORE_LDFLAGS) $(LINKFORSHARED) -o $@ Programs/python.o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS)
|
||||
|
||||
platform: $(BUILDPYTHON) pybuilddir.txt
|
||||
@@ -622,12 +622,6 @@ sharedmods: $(BUILDPYTHON) pybuilddir.txt Modules/_math.o
|
||||
@@ -621,12 +621,6 @@ sharedmods: $(BUILDPYTHON) pybuilddir.txt Modules/_math.o
|
||||
_TCLTK_INCLUDES='$(TCLTK_INCLUDES)' _TCLTK_LIBS='$(TCLTK_LIBS)' \
|
||||
$(PYTHON_FOR_BUILD) $(srcdir)/setup.py $$quiet build
|
||||
|
||||
@ -21,19 +21,19 @@ index 0db0dd0..bd8f769 100644
|
||||
- -rm -f $@
|
||||
- $(AR) $(ARFLAGS) $@ $(LIBRARY_OBJS)
|
||||
-
|
||||
libpython$(LDVERSION).so: $(LIBRARY_OBJS)
|
||||
libpython$(LDVERSION).so: $(LIBRARY_OBJS) $(DTRACE_OBJS)
|
||||
if test $(INSTSONAME) != $(LDLIBRARY); then \
|
||||
$(BLDSHARED) -Wl,-h$(INSTSONAME) -o $(INSTSONAME) $(LIBRARY_OBJS) $(MODLIBS) $(SHLIBS) $(LIBC) $(LIBM) $(LDLAST); \
|
||||
@@ -715,7 +709,7 @@ Modules/Setup: $(srcdir)/Modules/Setup.dist
|
||||
echo "-----------------------------------------------"; \
|
||||
fi
|
||||
$(BLDSHARED) -Wl,-h$(INSTSONAME) -o $(INSTSONAME) $(LIBRARY_OBJS) $(MODLIBS) $(SHLIBS) $(LIBC) $(LIBM); \
|
||||
@@ -704,7 +698,7 @@ Makefile Modules/config.c: Makefile.pre \
|
||||
@echo "The Makefile was updated, you may need to re-run make."
|
||||
|
||||
|
||||
-Programs/_testembed: Programs/_testembed.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY)
|
||||
+Programs/_testembed: Programs/_testembed.o $(LDLIBRARY) $(PY3LIBRARY)
|
||||
$(LINKCC) $(PY_CORE_LDFLAGS) $(LINKFORSHARED) -o $@ Programs/_testembed.o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST)
|
||||
$(LINKCC) $(PY_CORE_LDFLAGS) $(LINKFORSHARED) -o $@ Programs/_testembed.o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS)
|
||||
|
||||
############################################################################
|
||||
@@ -1483,17 +1477,6 @@ libainstall: @DEF_MAKE_RULE@ python-config
|
||||
@@ -1545,17 +1539,6 @@ libainstall: @DEF_MAKE_RULE@ python-config
|
||||
else true; \
|
||||
fi; \
|
||||
done
|
||||
|
@ -1,6 +1,20 @@
|
||||
diff -up Python-3.2.2/Lib/unittest/case.py.add-rpmbuild-hooks-to-unittest Python-3.2.2/Lib/unittest/case.py
|
||||
--- Python-3.2.2/Lib/unittest/case.py.add-rpmbuild-hooks-to-unittest 2011-09-03 12:16:44.000000000 -0400
|
||||
+++ Python-3.2.2/Lib/unittest/case.py 2011-09-09 06:35:16.365568382 -0400
|
||||
diff --git a/Lib/unittest/__init__.py b/Lib/unittest/__init__.py
|
||||
index 5ff1bf3..4d63954 100644
|
||||
--- a/Lib/unittest/__init__.py
|
||||
+++ b/Lib/unittest/__init__.py
|
||||
@@ -58,7 +58,7 @@ __unittest = True
|
||||
|
||||
from .result import TestResult
|
||||
from .case import (addModuleCleanup, TestCase, FunctionTestCase, SkipTest, skip,
|
||||
- skipIf, skipUnless, expectedFailure)
|
||||
+ skipIf, skipUnless, expectedFailure, _skipInRpmBuild)
|
||||
from .suite import BaseTestSuite, TestSuite
|
||||
from .loader import (TestLoader, defaultTestLoader, makeSuite, getTestCaseNames,
|
||||
findTestCases)
|
||||
diff --git a/Lib/unittest/case.py b/Lib/unittest/case.py
|
||||
index a157ae8..64f912c 100644
|
||||
--- a/Lib/unittest/case.py
|
||||
+++ b/Lib/unittest/case.py
|
||||
@@ -3,6 +3,7 @@
|
||||
import sys
|
||||
import functools
|
||||
@ -9,7 +23,8 @@ diff -up Python-3.2.2/Lib/unittest/case.py.add-rpmbuild-hooks-to-unittest Python
|
||||
import logging
|
||||
import pprint
|
||||
import re
|
||||
@@ -101,5 +102,21 @@ def expectedFailure(func):
|
||||
@@ -158,6 +159,22 @@ class _BaseTestCaseContext:
|
||||
msg = self.test_case._formatMessage(self.msg, standardMsg)
|
||||
raise self.test_case.failureException(msg)
|
||||
|
||||
+# Non-standard/downstream-only hooks for handling issues with specific test
|
||||
@ -31,16 +46,3 @@ diff -up Python-3.2.2/Lib/unittest/case.py.add-rpmbuild-hooks-to-unittest Python
|
||||
class _AssertRaisesBaseContext(_BaseTestCaseContext):
|
||||
|
||||
def __init__(self, expected, test_case, expected_regex=None):
|
||||
diff -up Python-3.2.2/Lib/unittest/__init__.py.add-rpmbuild-hooks-to-unittest Python-3.2.2/Lib/unittest/__init__.py
|
||||
--- Python-3.2.2/Lib/unittest/__init__.py.add-rpmbuild-hooks-to-unittest 2011-09-03 12:16:44.000000000 -0400
|
||||
+++ Python-3.2.2/Lib/unittest/__init__.py 2011-09-09 06:35:16.366568382 -0400
|
||||
@@ -57,7 +57,8 @@ __unittest = True
|
||||
|
||||
from .result import TestResult
|
||||
from .case import (TestCase, FunctionTestCase, SkipTest, skip, skipIf,
|
||||
- skipUnless, expectedFailure)
|
||||
+ skipUnless, expectedFailure,
|
||||
+ _skipInRpmBuild)
|
||||
from .suite import BaseTestSuite, TestSuite
|
||||
from .loader import (TestLoader, defaultTestLoader, makeSuite, getTestCaseNames,
|
||||
findTestCases)
|
||||
|
@ -1,15 +0,0 @@
|
||||
diff -up Python-3.2.3/Lib/ctypes/__init__.py.rhbz814391 Python-3.2.3/Lib/ctypes/__init__.py
|
||||
--- Python-3.2.3/Lib/ctypes/__init__.py.rhbz814391 2012-04-20 15:12:49.017867692 -0400
|
||||
+++ Python-3.2.3/Lib/ctypes/__init__.py 2012-04-20 15:15:09.501111408 -0400
|
||||
@@ -275,11 +275,6 @@ def _reset_cache():
|
||||
# _SimpleCData.c_char_p_from_param
|
||||
POINTER(c_char).from_param = c_char_p.from_param
|
||||
_pointer_type_cache[None] = c_void_p
|
||||
- # XXX for whatever reasons, creating the first instance of a callback
|
||||
- # function is needed for the unittests on Win64 to succeed. This MAY
|
||||
- # be a compiler bug, since the problem occurs only when _ctypes is
|
||||
- # compiled with the MS SDK compiler. Or an uninitialized variable?
|
||||
- CFUNCTYPE(c_int)(lambda: None)
|
||||
|
||||
def create_unicode_buffer(init, size=None):
|
||||
"""create_unicode_buffer(aString) -> character array
|
@ -1,311 +0,0 @@
|
||||
diff --git a/Include/object.h b/Include/object.h
|
||||
index c772dea..5729797 100644
|
||||
--- a/Include/object.h
|
||||
+++ b/Include/object.h
|
||||
@@ -1098,6 +1098,49 @@ PyAPI_FUNC(void)
|
||||
_PyObject_DebugTypeStats(FILE *out);
|
||||
#endif /* ifndef Py_LIMITED_API */
|
||||
|
||||
+/*
|
||||
+ Define a pair of assertion macros.
|
||||
+
|
||||
+ These work like the regular C assert(), in that they will abort the
|
||||
+ process with a message on stderr if the given condition fails to hold,
|
||||
+ but compile away to nothing if NDEBUG is defined.
|
||||
+
|
||||
+ However, before aborting, Python will also try to call _PyObject_Dump() on
|
||||
+ the given object. This may be of use when investigating bugs in which a
|
||||
+ particular object is corrupt (e.g. buggy a tp_visit method in an extension
|
||||
+ module breaking the garbage collector), to help locate the broken objects.
|
||||
+
|
||||
+ The WITH_MSG variant allows you to supply an additional message that Python
|
||||
+ will attempt to print to stderr, after the object dump.
|
||||
+*/
|
||||
+#ifdef NDEBUG
|
||||
+/* No debugging: compile away the assertions: */
|
||||
+#define PyObject_ASSERT_WITH_MSG(obj, expr, msg) ((void)0)
|
||||
+#else
|
||||
+/* With debugging: generate checks: */
|
||||
+#define PyObject_ASSERT_WITH_MSG(obj, expr, msg) \
|
||||
+ ((expr) \
|
||||
+ ? (void)(0) \
|
||||
+ : _PyObject_AssertFailed((obj), \
|
||||
+ (msg), \
|
||||
+ (__STRING(expr)), \
|
||||
+ (__FILE__), \
|
||||
+ (__LINE__), \
|
||||
+ (__PRETTY_FUNCTION__)))
|
||||
+#endif
|
||||
+
|
||||
+#define PyObject_ASSERT(obj, expr) \
|
||||
+ PyObject_ASSERT_WITH_MSG(obj, expr, NULL)
|
||||
+
|
||||
+/*
|
||||
+ Declare and define the entrypoint even when NDEBUG is defined, to avoid
|
||||
+ causing compiler/linker errors when building extensions without NDEBUG
|
||||
+ against a Python built with NDEBUG defined
|
||||
+*/
|
||||
+PyAPI_FUNC(void) _PyObject_AssertFailed(PyObject *, const char *,
|
||||
+ const char *, const char *, int,
|
||||
+ const char *);
|
||||
+
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
diff --git a/Lib/test/test_gc.py b/Lib/test/test_gc.py
|
||||
index 8d806db..dc8bb16 100644
|
||||
--- a/Lib/test/test_gc.py
|
||||
+++ b/Lib/test/test_gc.py
|
||||
@@ -1,10 +1,12 @@
|
||||
import unittest
|
||||
from test.support import (verbose, refcount_test, run_unittest,
|
||||
strip_python_stderr, cpython_only, start_threads,
|
||||
- temp_dir, requires_type_collecting, TESTFN, unlink)
|
||||
+ temp_dir, requires_type_collecting, TESTFN, unlink,
|
||||
+ import_module)
|
||||
from test.support.script_helper import assert_python_ok, make_script
|
||||
|
||||
import sys
|
||||
+import sysconfig
|
||||
import time
|
||||
import gc
|
||||
import weakref
|
||||
@@ -46,6 +48,8 @@ class GC_Detector(object):
|
||||
# gc collects it.
|
||||
self.wr = weakref.ref(C1055820(666), it_happened)
|
||||
|
||||
+BUILD_WITH_NDEBUG = ('-DNDEBUG' in sysconfig.get_config_vars()['PY_CFLAGS'])
|
||||
+
|
||||
@with_tp_del
|
||||
class Uncollectable(object):
|
||||
"""Create a reference cycle with multiple __del__ methods.
|
||||
@@ -878,6 +882,50 @@ class GCCallbackTests(unittest.TestCase):
|
||||
self.assertEqual(len(gc.garbage), 0)
|
||||
|
||||
|
||||
+ @unittest.skipIf(BUILD_WITH_NDEBUG,
|
||||
+ 'built with -NDEBUG')
|
||||
+ def test_refcount_errors(self):
|
||||
+ self.preclean()
|
||||
+ # Verify the "handling" of objects with broken refcounts
|
||||
+ import_module("ctypes") #skip if not supported
|
||||
+
|
||||
+ import subprocess
|
||||
+ code = '''if 1:
|
||||
+ a = []
|
||||
+ b = [a]
|
||||
+
|
||||
+ # Simulate the refcount of "a" being too low (compared to the
|
||||
+ # references held on it by live data), but keeping it above zero
|
||||
+ # (to avoid deallocating it):
|
||||
+ import ctypes
|
||||
+ ctypes.pythonapi.Py_DecRef(ctypes.py_object(a))
|
||||
+
|
||||
+ # The garbage collector should now have a fatal error when it reaches
|
||||
+ # the broken object:
|
||||
+ import gc
|
||||
+ gc.collect()
|
||||
+ '''
|
||||
+ p = subprocess.Popen([sys.executable, "-c", code],
|
||||
+ stdout=subprocess.PIPE,
|
||||
+ stderr=subprocess.PIPE)
|
||||
+ stdout, stderr = p.communicate()
|
||||
+ p.stdout.close()
|
||||
+ p.stderr.close()
|
||||
+ # Verify that stderr has a useful error message:
|
||||
+ self.assertRegex(stderr,
|
||||
+ b'Modules/gcmodule.c:[0-9]+: visit_decref: Assertion "\(\(gc\)->gc.gc_refs >> \(1\)\) != 0" failed.')
|
||||
+ self.assertRegex(stderr,
|
||||
+ b'refcount was too small')
|
||||
+ self.assertRegex(stderr,
|
||||
+ b'object : \[\]')
|
||||
+ self.assertRegex(stderr,
|
||||
+ b'type : list')
|
||||
+ self.assertRegex(stderr,
|
||||
+ b'refcount: 1')
|
||||
+ self.assertRegex(stderr,
|
||||
+ b'address : 0x[0-9a-f]+')
|
||||
+
|
||||
+
|
||||
class GCTogglingTests(unittest.TestCase):
|
||||
def setUp(self):
|
||||
gc.enable()
|
||||
diff --git a/Modules/gcmodule.c b/Modules/gcmodule.c
|
||||
index 4d701cb..388dd78 100644
|
||||
--- a/Modules/gcmodule.c
|
||||
+++ b/Modules/gcmodule.c
|
||||
@@ -239,7 +239,8 @@ update_refs(PyGC_Head *containers)
|
||||
{
|
||||
PyGC_Head *gc = containers->gc.gc_next;
|
||||
for (; gc != containers; gc = gc->gc.gc_next) {
|
||||
- assert(_PyGCHead_REFS(gc) == GC_REACHABLE);
|
||||
+ PyObject_ASSERT(FROM_GC(gc),
|
||||
+ _PyGCHead_REFS(gc) == GC_REACHABLE);
|
||||
_PyGCHead_SET_REFS(gc, Py_REFCNT(FROM_GC(gc)));
|
||||
/* Python's cyclic gc should never see an incoming refcount
|
||||
* of 0: if something decref'ed to 0, it should have been
|
||||
@@ -259,7 +260,8 @@ update_refs(PyGC_Head *containers)
|
||||
* so serious that maybe this should be a release-build
|
||||
* check instead of an assert?
|
||||
*/
|
||||
- assert(_PyGCHead_REFS(gc) != 0);
|
||||
+ PyObject_ASSERT(FROM_GC(gc),
|
||||
+ _PyGCHead_REFS(gc) != 0);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -274,7 +276,9 @@ visit_decref(PyObject *op, void *data)
|
||||
* generation being collected, which can be recognized
|
||||
* because only they have positive gc_refs.
|
||||
*/
|
||||
- assert(_PyGCHead_REFS(gc) != 0); /* else refcount was too small */
|
||||
+ PyObject_ASSERT_WITH_MSG(FROM_GC(gc),
|
||||
+ _PyGCHead_REFS(gc) != 0,
|
||||
+ "refcount was too small"); /* else refcount was too small */
|
||||
if (_PyGCHead_REFS(gc) > 0)
|
||||
_PyGCHead_DECREF(gc);
|
||||
}
|
||||
@@ -334,9 +338,10 @@ visit_reachable(PyObject *op, PyGC_Head *reachable)
|
||||
* If gc_refs == GC_UNTRACKED, it must be ignored.
|
||||
*/
|
||||
else {
|
||||
- assert(gc_refs > 0
|
||||
- || gc_refs == GC_REACHABLE
|
||||
- || gc_refs == GC_UNTRACKED);
|
||||
+ PyObject_ASSERT(FROM_GC(gc),
|
||||
+ gc_refs > 0
|
||||
+ || gc_refs == GC_REACHABLE
|
||||
+ || gc_refs == GC_UNTRACKED);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
@@ -378,7 +383,7 @@ move_unreachable(PyGC_Head *young, PyGC_Head *unreachable)
|
||||
*/
|
||||
PyObject *op = FROM_GC(gc);
|
||||
traverseproc traverse = Py_TYPE(op)->tp_traverse;
|
||||
- assert(_PyGCHead_REFS(gc) > 0);
|
||||
+ PyObject_ASSERT(op, _PyGCHead_REFS(gc) > 0);
|
||||
_PyGCHead_SET_REFS(gc, GC_REACHABLE);
|
||||
(void) traverse(op,
|
||||
(visitproc)visit_reachable,
|
||||
@@ -441,7 +446,7 @@ move_legacy_finalizers(PyGC_Head *unreachable, PyGC_Head *finalizers)
|
||||
for (gc = unreachable->gc.gc_next; gc != unreachable; gc = next) {
|
||||
PyObject *op = FROM_GC(gc);
|
||||
|
||||
- assert(IS_TENTATIVELY_UNREACHABLE(op));
|
||||
+ PyObject_ASSERT(op, IS_TENTATIVELY_UNREACHABLE(op));
|
||||
next = gc->gc.gc_next;
|
||||
|
||||
if (has_legacy_finalizer(op)) {
|
||||
@@ -517,7 +522,7 @@ handle_weakrefs(PyGC_Head *unreachable, PyGC_Head *old)
|
||||
PyWeakReference **wrlist;
|
||||
|
||||
op = FROM_GC(gc);
|
||||
- assert(IS_TENTATIVELY_UNREACHABLE(op));
|
||||
+ PyObject_ASSERT(op, IS_TENTATIVELY_UNREACHABLE(op));
|
||||
next = gc->gc.gc_next;
|
||||
|
||||
if (! PyType_SUPPORTS_WEAKREFS(Py_TYPE(op)))
|
||||
@@ -538,9 +543,9 @@ handle_weakrefs(PyGC_Head *unreachable, PyGC_Head *old)
|
||||
* the callback pointer intact. Obscure: it also
|
||||
* changes *wrlist.
|
||||
*/
|
||||
- assert(wr->wr_object == op);
|
||||
+ PyObject_ASSERT(wr->wr_object, wr->wr_object == op);
|
||||
_PyWeakref_ClearRef(wr);
|
||||
- assert(wr->wr_object == Py_None);
|
||||
+ PyObject_ASSERT(wr->wr_object, wr->wr_object == Py_None);
|
||||
if (wr->wr_callback == NULL)
|
||||
continue; /* no callback */
|
||||
|
||||
@@ -574,7 +579,7 @@ handle_weakrefs(PyGC_Head *unreachable, PyGC_Head *old)
|
||||
*/
|
||||
if (IS_TENTATIVELY_UNREACHABLE(wr))
|
||||
continue;
|
||||
- assert(IS_REACHABLE(wr));
|
||||
+ PyObject_ASSERT(op, IS_REACHABLE(wr));
|
||||
|
||||
/* Create a new reference so that wr can't go away
|
||||
* before we can process it again.
|
||||
@@ -583,7 +588,8 @@ handle_weakrefs(PyGC_Head *unreachable, PyGC_Head *old)
|
||||
|
||||
/* Move wr to wrcb_to_call, for the next pass. */
|
||||
wrasgc = AS_GC(wr);
|
||||
- assert(wrasgc != next); /* wrasgc is reachable, but
|
||||
+ PyObject_ASSERT(op, wrasgc != next);
|
||||
+ /* wrasgc is reachable, but
|
||||
next isn't, so they can't
|
||||
be the same */
|
||||
gc_list_move(wrasgc, &wrcb_to_call);
|
||||
@@ -599,11 +605,11 @@ handle_weakrefs(PyGC_Head *unreachable, PyGC_Head *old)
|
||||
|
||||
gc = wrcb_to_call.gc.gc_next;
|
||||
op = FROM_GC(gc);
|
||||
- assert(IS_REACHABLE(op));
|
||||
- assert(PyWeakref_Check(op));
|
||||
+ PyObject_ASSERT(op, IS_REACHABLE(op));
|
||||
+ PyObject_ASSERT(op, PyWeakref_Check(op));
|
||||
wr = (PyWeakReference *)op;
|
||||
callback = wr->wr_callback;
|
||||
- assert(callback != NULL);
|
||||
+ PyObject_ASSERT(op, callback != NULL);
|
||||
|
||||
/* copy-paste of weakrefobject.c's handle_callback() */
|
||||
temp = PyObject_CallFunctionObjArgs(callback, wr, NULL);
|
||||
@@ -717,12 +723,14 @@ check_garbage(PyGC_Head *collectable)
|
||||
for (gc = collectable->gc.gc_next; gc != collectable;
|
||||
gc = gc->gc.gc_next) {
|
||||
_PyGCHead_SET_REFS(gc, Py_REFCNT(FROM_GC(gc)));
|
||||
- assert(_PyGCHead_REFS(gc) != 0);
|
||||
+ PyObject_ASSERT(FROM_GC(gc),
|
||||
+ _PyGCHead_REFS(gc) != 0);
|
||||
}
|
||||
subtract_refs(collectable);
|
||||
for (gc = collectable->gc.gc_next; gc != collectable;
|
||||
gc = gc->gc.gc_next) {
|
||||
- assert(_PyGCHead_REFS(gc) >= 0);
|
||||
+ PyObject_ASSERT(FROM_GC(gc),
|
||||
+ _PyGCHead_REFS(gc) >= 0);
|
||||
if (_PyGCHead_REFS(gc) != 0)
|
||||
return -1;
|
||||
}
|
||||
diff --git a/Objects/object.c b/Objects/object.c
|
||||
index 220aa90..f6c7161 100644
|
||||
--- a/Objects/object.c
|
||||
+++ b/Objects/object.c
|
||||
@@ -2177,6 +2177,35 @@ _PyTrash_thread_destroy_chain(void)
|
||||
--tstate->trash_delete_nesting;
|
||||
}
|
||||
|
||||
+PyAPI_FUNC(void)
|
||||
+_PyObject_AssertFailed(PyObject *obj, const char *msg, const char *expr,
|
||||
+ const char *file, int line, const char *function)
|
||||
+{
|
||||
+ fprintf(stderr,
|
||||
+ "%s:%d: %s: Assertion \"%s\" failed.\n",
|
||||
+ file, line, function, expr);
|
||||
+ if (msg) {
|
||||
+ fprintf(stderr, "%s\n", msg);
|
||||
+ }
|
||||
+
|
||||
+ fflush(stderr);
|
||||
+
|
||||
+ if (obj) {
|
||||
+ /* This might succeed or fail, but we're about to abort, so at least
|
||||
+ try to provide any extra info we can: */
|
||||
+ _PyObject_Dump(obj);
|
||||
+ }
|
||||
+ else {
|
||||
+ fprintf(stderr, "NULL object\n");
|
||||
+ }
|
||||
+
|
||||
+ fflush(stdout);
|
||||
+ fflush(stderr);
|
||||
+
|
||||
+ /* Terminate the process: */
|
||||
+ abort();
|
||||
+}
|
||||
+
|
||||
#ifndef Py_TRACE_REFS
|
||||
/* For Py_LIMITED_API, we need an out-of-line version of _Py_Dealloc.
|
||||
Define this here, so we can undefine the macro. */
|
@ -1,111 +0,0 @@
|
||||
From c660debb97f4f422255a82fef2d77804552c043a Mon Sep 17 00:00:00 2001
|
||||
From: Christian Heimes <christian@python.org>
|
||||
Date: Tue, 15 Jan 2019 18:16:30 +0100
|
||||
Subject: [PATCH] bpo-35746: Fix segfault in ssl's cert parser
|
||||
|
||||
CVE-2019-5010, Fix a NULL pointer deref in ssl module. The cert parser did
|
||||
not handle CRL distribution points with empty DP or URI correctly. A
|
||||
malicious or buggy certificate can result into segfault.
|
||||
|
||||
Signed-off-by: Christian Heimes <christian@python.org>
|
||||
---
|
||||
Lib/test/talos-2019-0758.pem | 22 +++++++++++++++++++
|
||||
Lib/test/test_ssl.py | 22 +++++++++++++++++++
|
||||
.../2019-01-15-18-16-05.bpo-35746.nMSd0j.rst | 3 +++
|
||||
Modules/_ssl.c | 4 ++++
|
||||
4 files changed, 51 insertions(+)
|
||||
create mode 100644 Lib/test/talos-2019-0758.pem
|
||||
create mode 100644 Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
|
||||
|
||||
diff --git a/Lib/test/talos-2019-0758.pem b/Lib/test/talos-2019-0758.pem
|
||||
new file mode 100644
|
||||
index 000000000000..13b95a77fd8a
|
||||
--- /dev/null
|
||||
+++ b/Lib/test/talos-2019-0758.pem
|
||||
@@ -0,0 +1,22 @@
|
||||
+-----BEGIN CERTIFICATE-----
|
||||
+MIIDqDCCApKgAwIBAgIBAjALBgkqhkiG9w0BAQswHzELMAkGA1UEBhMCVUsxEDAO
|
||||
+BgNVBAMTB2NvZHktY2EwHhcNMTgwNjE4MTgwMDU4WhcNMjgwNjE0MTgwMDU4WjA7
|
||||
+MQswCQYDVQQGEwJVSzEsMCoGA1UEAxMjY29kZW5vbWljb24tdm0tMi50ZXN0Lmxh
|
||||
+bC5jaXNjby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC63fGB
|
||||
+J80A9Av1GB0bptslKRIUtJm8EeEu34HkDWbL6AJY0P8WfDtlXjlPaLqFa6sqH6ES
|
||||
+V48prSm1ZUbDSVL8R6BYVYpOlK8/48xk4pGTgRzv69gf5SGtQLwHy8UPBKgjSZoD
|
||||
+5a5k5wJXGswhKFFNqyyxqCvWmMnJWxXTt2XDCiWc4g4YAWi4O4+6SeeHVAV9rV7C
|
||||
+1wxqjzKovVe2uZOHjKEzJbbIU6JBPb6TRfMdRdYOw98n1VXDcKVgdX2DuuqjCzHP
|
||||
+WhU4Tw050M9NaK3eXp4Mh69VuiKoBGOLSOcS8reqHIU46Reg0hqeL8LIL6OhFHIF
|
||||
+j7HR6V1X6F+BfRS/AgMBAAGjgdYwgdMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUOktp
|
||||
+HQjxDXXUg8prleY9jeLKeQ4wTwYDVR0jBEgwRoAUx6zgPygZ0ZErF9sPC4+5e2Io
|
||||
+UU+hI6QhMB8xCzAJBgNVBAYTAlVLMRAwDgYDVQQDEwdjb2R5LWNhggkA1QEAuwb7
|
||||
+2s0wCQYDVR0SBAIwADAuBgNVHREEJzAlgiNjb2Rlbm9taWNvbi12bS0yLnRlc3Qu
|
||||
+bGFsLmNpc2NvLmNvbTAOBgNVHQ8BAf8EBAMCBaAwCwYDVR0fBAQwAjAAMAsGCSqG
|
||||
+SIb3DQEBCwOCAQEAvqantx2yBlM11RoFiCfi+AfSblXPdrIrHvccepV4pYc/yO6p
|
||||
+t1f2dxHQb8rWH3i6cWag/EgIZx+HJQvo0rgPY1BFJsX1WnYf1/znZpkUBGbVmlJr
|
||||
+t/dW1gSkNS6sPsM0Q+7HPgEv8CPDNK5eo7vU2seE0iWOkxSyVUuiCEY9ZVGaLVit
|
||||
+p0C78nZ35Pdv4I+1cosmHl28+es1WI22rrnmdBpH8J1eY6WvUw2xuZHLeNVN0TzV
|
||||
+Q3qq53AaCWuLOD1AjESWuUCxMZTK9DPS4JKXTK8RLyDeqOvJGjsSWp3kL0y3GaQ+
|
||||
+10T1rfkKJub2+m9A9duin1fn6tHc2wSvB7m3DA==
|
||||
+-----END CERTIFICATE-----
|
||||
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
|
||||
index 7f6b93148f45..1fc657f4d867 100644
|
||||
--- a/Lib/test/test_ssl.py
|
||||
+++ b/Lib/test/test_ssl.py
|
||||
@@ -115,6 +115,7 @@ def data_file(*name):
|
||||
BADKEY = data_file("badkey.pem")
|
||||
NOKIACERT = data_file("nokia.pem")
|
||||
NULLBYTECERT = data_file("nullbytecert.pem")
|
||||
+TALOS_INVALID_CRLDP = data_file("talos-2019-0758.pem")
|
||||
|
||||
DHFILE = data_file("ffdh3072.pem")
|
||||
BYTES_DHFILE = os.fsencode(DHFILE)
|
||||
@@ -348,6 +349,27 @@ def test_parse_cert(self):
|
||||
self.assertEqual(p['crlDistributionPoints'],
|
||||
('http://SVRIntl-G3-crl.verisign.com/SVRIntlG3.crl',))
|
||||
|
||||
+ def test_parse_cert_CVE_2019_5010(self):
|
||||
+ p = ssl._ssl._test_decode_cert(TALOS_INVALID_CRLDP)
|
||||
+ if support.verbose:
|
||||
+ sys.stdout.write("\n" + pprint.pformat(p) + "\n")
|
||||
+ self.assertEqual(
|
||||
+ p,
|
||||
+ {
|
||||
+ 'issuer': (
|
||||
+ (('countryName', 'UK'),), (('commonName', 'cody-ca'),)),
|
||||
+ 'notAfter': 'Jun 14 18:00:58 2028 GMT',
|
||||
+ 'notBefore': 'Jun 18 18:00:58 2018 GMT',
|
||||
+ 'serialNumber': '02',
|
||||
+ 'subject': ((('countryName', 'UK'),),
|
||||
+ (('commonName',
|
||||
+ 'codenomicon-vm-2.test.lal.cisco.com'),)),
|
||||
+ 'subjectAltName': (
|
||||
+ ('DNS', 'codenomicon-vm-2.test.lal.cisco.com'),),
|
||||
+ 'version': 3
|
||||
+ }
|
||||
+ )
|
||||
+
|
||||
def test_parse_cert_CVE_2013_4238(self):
|
||||
p = ssl._ssl._test_decode_cert(NULLBYTECERT)
|
||||
if support.verbose:
|
||||
diff --git a/Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst b/Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
|
||||
new file mode 100644
|
||||
index 000000000000..dffe347eec84
|
||||
--- /dev/null
|
||||
+++ b/Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
|
||||
@@ -0,0 +1,3 @@
|
||||
+[CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
|
||||
+not handle CRL distribution points with empty DP or URI correctly. A
|
||||
+malicious or buggy certificate can result into segfault.
|
||||
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
|
||||
index 4e3352d9e661..0e720e268d93 100644
|
||||
--- a/Modules/_ssl.c
|
||||
+++ b/Modules/_ssl.c
|
||||
@@ -1515,6 +1515,10 @@ _get_crl_dp(X509 *certificate) {
|
||||
STACK_OF(GENERAL_NAME) *gns;
|
||||
|
||||
dp = sk_DIST_POINT_value(dps, i);
|
||||
+ if (dp->distpoint == NULL) {
|
||||
+ /* Ignore empty DP value, CVE-2019-5010 */
|
||||
+ continue;
|
||||
+ }
|
||||
gns = dp->distpoint->name.fullname;
|
||||
|
||||
for (j=0; j < sk_GENERAL_NAME_num(gns); j++) {
|
51
python3.spec
51
python3.spec
@ -2,10 +2,10 @@
|
||||
# Top-level metadata
|
||||
# ==================
|
||||
|
||||
%global pybasever 3.7
|
||||
%global pybasever 3.8
|
||||
|
||||
# pybasever without the dot:
|
||||
%global pyshortver 37
|
||||
%global pyshortver 38
|
||||
|
||||
Name: python3
|
||||
Summary: Interpreter of the Python programming language
|
||||
@ -13,8 +13,11 @@ URL: https://www.python.org/
|
||||
|
||||
# WARNING When rebasing to a new Python version,
|
||||
# remember to update the python3-docs package as well
|
||||
Version: %{pybasever}.2
|
||||
Release: 5%{?dist}
|
||||
%global general_version %{pybasever}.0
|
||||
%global prerel a1
|
||||
%global upstream_version %{general_version}%{?prerel}
|
||||
Version: %{general_version}%{?prerel:~%{prerel}}
|
||||
Release: 1%{?dist}
|
||||
License: Python
|
||||
|
||||
|
||||
@ -197,7 +200,7 @@ BuildRequires: python-pip-wheel
|
||||
# Source code and patches
|
||||
# =======================
|
||||
|
||||
Source: https://www.python.org/ftp/python/%{version}/Python-%{version}%{?prerel}.tar.xz
|
||||
Source: https://www.python.org/ftp/python/%{general_version}/Python-%{upstream_version}.tar.xz
|
||||
|
||||
# A simple script to check timestamps of bytecode files
|
||||
# Run in check section with Python that is currently being built
|
||||
@ -242,13 +245,6 @@ Patch111: 00111-no-static-lib.patch
|
||||
# these unittest hooks in their own "check" phases)
|
||||
Patch132: 00132-add-rpmbuild-hooks-to-unittest.patch
|
||||
|
||||
# 00155 #
|
||||
# Avoid allocating thunks in ctypes unless absolutely necessary, to avoid
|
||||
# generating SELinux denials on "import ctypes" and "import uuid" when
|
||||
# embedding Python within httpd
|
||||
# See https://bugzilla.redhat.com/show_bug.cgi?id=814391
|
||||
Patch155: 00155-avoid-ctypes-thunks.patch
|
||||
|
||||
# 00160 #
|
||||
# Python 3.3 added os.SEEK_DATA and os.SEEK_HOLE, which may be present in the
|
||||
# header files in the build chroot, but may not be supported in the running
|
||||
@ -263,16 +259,6 @@ Patch160: 00160-disable-test_fs_holes-in-rpm-build.patch
|
||||
# Not yet sent upstream
|
||||
Patch163: 00163-disable-parts-of-test_socket-in-rpm-build.patch
|
||||
|
||||
# 00170 #
|
||||
# In debug builds, try to print repr() when a C-level assert fails in the
|
||||
# garbage collector (typically indicating a reference-counting error
|
||||
# somewhere else e.g in an extension module)
|
||||
# The new macros/functions within gcmodule.c are hidden to avoid exposing
|
||||
# them within the extension API.
|
||||
# Sent upstream: http://bugs.python.org/issue9263
|
||||
# See https://bugzilla.redhat.com/show_bug.cgi?id=614680
|
||||
Patch170: 00170-gc-assertions.patch
|
||||
|
||||
# 00178 #
|
||||
# Don't duplicate various FLAGS in sysconfig values
|
||||
# http://bugs.python.org/issue17679
|
||||
@ -305,11 +291,6 @@ Patch274: 00274-fix-arch-names.patch
|
||||
# So we mark the command as unsupported - and the tests are skipped
|
||||
Patch316: 00316-mark-bdist_wininst-unsupported.patch
|
||||
|
||||
# 00317 #
|
||||
# Security fix for CVE-2019-5010: Fix segfault in ssl's cert parser
|
||||
# Fixed upstream https://bugs.python.org/issue35746
|
||||
Patch317: 00317-CVE-2019-5010.patch
|
||||
|
||||
# (New patches go here ^^^)
|
||||
#
|
||||
# When adding new patches to "python" and "python3" in Fedora, EL, etc.,
|
||||
@ -580,7 +561,7 @@ version once Python %{pybasever} is stable.
|
||||
# ======================================================
|
||||
|
||||
%prep
|
||||
%setup -q -n Python-%{version}%{?prerel}
|
||||
%setup -q -n Python-%{upstream_version}
|
||||
# Remove all exe files to ensure we are not shipping prebuilt binaries
|
||||
# note that those are only used to create Microsoft Windows installers
|
||||
# and that functionality is broken on Linux anyway
|
||||
@ -599,10 +580,8 @@ rm -r Modules/expat
|
||||
%endif
|
||||
%patch111 -p1
|
||||
%patch132 -p1
|
||||
%patch155 -p1
|
||||
%patch160 -p1
|
||||
%patch163 -p1
|
||||
%patch170 -p1
|
||||
%patch178 -p1
|
||||
|
||||
%if %{with rpmwheels}
|
||||
@ -614,7 +593,6 @@ rm Lib/ensurepip/_bundled/*.whl
|
||||
%patch251 -p1
|
||||
%patch274 -p1
|
||||
%patch316 -p1
|
||||
%patch317 -p1
|
||||
|
||||
|
||||
# Remove files that should be generated by the build
|
||||
@ -942,7 +920,6 @@ rm %{buildroot}%{_bindir}/pygettext3.py
|
||||
rm %{buildroot}%{_bindir}/msgfmt3.py
|
||||
rm %{buildroot}%{_bindir}/idle3
|
||||
rm %{buildroot}%{_bindir}/python3-*
|
||||
rm %{buildroot}%{_bindir}/pyvenv
|
||||
rm %{buildroot}%{_bindir}/2to3
|
||||
rm %{buildroot}%{_libdir}/libpython3.so
|
||||
rm %{buildroot}%{_mandir}/man1/python3.1*
|
||||
@ -1048,14 +1025,12 @@ CheckPython optimized
|
||||
%if %{without flatpackage}
|
||||
%{_bindir}/pydoc*
|
||||
%{_bindir}/python3
|
||||
%{_bindir}/pyvenv
|
||||
%else
|
||||
%{_bindir}/pydoc%{pybasever}
|
||||
%endif
|
||||
|
||||
%{_bindir}/python%{pybasever}
|
||||
%{_bindir}/python%{pybasever}m
|
||||
%{_bindir}/pyvenv-%{pybasever}
|
||||
%{_mandir}/*/*
|
||||
|
||||
|
||||
@ -1186,6 +1161,7 @@ CheckPython optimized
|
||||
%{dynload_dir}/nis.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/ossaudiodev.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/parser.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/_posixshmem.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/pyexpat.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/readline.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/resource.%{SOABI_optimized}.so
|
||||
@ -1197,6 +1173,7 @@ CheckPython optimized
|
||||
%{dynload_dir}/unicodedata.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/_uuid.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/xxlimited.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/_xxsubinterpreters.%{SOABI_optimized}.so
|
||||
%{dynload_dir}/zlib.%{SOABI_optimized}.so
|
||||
|
||||
%dir %{pylibdir}/site-packages/
|
||||
@ -1301,6 +1278,7 @@ CheckPython optimized
|
||||
%endif
|
||||
%{_includedir}/python%{LDVERSION_optimized}/*.h
|
||||
%{_includedir}/python%{LDVERSION_optimized}/internal/
|
||||
%{_includedir}/python%{LDVERSION_optimized}/cpython/
|
||||
%doc Misc/README.valgrind Misc/valgrind-python.supp Misc/gdbinit
|
||||
|
||||
%if %{without flatpackage}
|
||||
@ -1457,6 +1435,7 @@ CheckPython optimized
|
||||
%{dynload_dir}/nis.%{SOABI_debug}.so
|
||||
%{dynload_dir}/ossaudiodev.%{SOABI_debug}.so
|
||||
%{dynload_dir}/parser.%{SOABI_debug}.so
|
||||
%{dynload_dir}/_posixshmem.%{SOABI_debug}.so
|
||||
%{dynload_dir}/pyexpat.%{SOABI_debug}.so
|
||||
%{dynload_dir}/readline.%{SOABI_debug}.so
|
||||
%{dynload_dir}/resource.%{SOABI_debug}.so
|
||||
@ -1467,6 +1446,7 @@ CheckPython optimized
|
||||
%{dynload_dir}/_testmultiphase.%{SOABI_debug}.so
|
||||
%{dynload_dir}/unicodedata.%{SOABI_debug}.so
|
||||
%{dynload_dir}/_uuid.%{SOABI_debug}.so
|
||||
%{dynload_dir}/_xxsubinterpreters.%{SOABI_debug}.so
|
||||
%{dynload_dir}/_xxtestfuzz.%{SOABI_debug}.so
|
||||
%{dynload_dir}/zlib.%{SOABI_debug}.so
|
||||
|
||||
@ -1521,6 +1501,9 @@ CheckPython optimized
|
||||
# ======================================================
|
||||
|
||||
%changelog
|
||||
* Tue Feb 05 2019 Miro Hrončok <mhroncok@redhat.com> - 3.8.0~a1-1
|
||||
- Update to 3.8.0a1
|
||||
|
||||
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.2-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (Python-3.7.2.tar.xz) = 6cd2d6d8455558783b99d55985cd7b22d67b98f41a09b4fdd96f680a630a4e035220d2b903f8c59ed513aa5ffe6730fa947ddb55bb72ce36f0e945ef8af5d971
|
||||
SHA512 (Python-3.8.0a1.tar.xz) = 81e0aea4cf37f432d72464579f1b97db574496fa7105c7b2e02caed2e27d95288f21605666e80b60a01c66afb115714004b4a219b31ce21c8f732828b70b24e2
|
||||
|
Loading…
Reference in New Issue
Block a user