From 63af5238acbbc89f41f35b838a20aa4e53a402f7 Mon Sep 17 00:00:00 2001 From: Vedant Ravindra Dhoke <66007382+vedant713@users.noreply.github.com> Date: Sat, 17 May 2025 16:01:06 -0400 Subject: [PATCH 1/9] Add files via upload --- .../2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst new file mode 100644 index 00000000000000..9deb203b30260c --- /dev/null +++ b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst @@ -0,0 +1,4 @@ +.. gh-issue: 134070 +.. section: Core and Builtins + +Fixed an out-of-bounds read in the generic implementation of `mi_clz32` and `mi_ctz32` in the integrated mimalloc allocator. This bug could occur on platforms with 64-bit `unsigned long` values. Based on upstream fix from microsoft/mimalloc. From 660e3fa9da02a74380bb164a38073eb18a2fc367 Mon Sep 17 00:00:00 2001 From: Vedant Ravindra Dhoke <66007382+vedant713@users.noreply.github.com> Date: Sat, 17 May 2025 16:03:59 -0400 Subject: [PATCH 2/9] Delete Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst --- .../2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst deleted file mode 100644 index 9deb203b30260c..00000000000000 --- a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst +++ /dev/null @@ -1,4 +0,0 @@ -.. gh-issue: 134070 -.. section: Core and Builtins - -Fixed an out-of-bounds read in the generic implementation of `mi_clz32` and `mi_ctz32` in the integrated mimalloc allocator. This bug could occur on platforms with 64-bit `unsigned long` values. Based on upstream fix from microsoft/mimalloc. From 960e2661f5bc64c6a9ecfc7025063b532cae22a1 Mon Sep 17 00:00:00 2001 From: Vedant Ravindra Dhoke <66007382+vedant713@users.noreply.github.com> Date: Sat, 17 May 2025 16:05:04 -0400 Subject: [PATCH 3/9] gh-134070: Fix mi_clz32/mi_ctz32 to prevent out-of-bounds read (pythonGH-134149) --- .../2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst new file mode 100644 index 00000000000000..267bcef668f339 --- /dev/null +++ b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst @@ -0,0 +1,4 @@ +.. gh-issue: 134070 +.. section: Core and Builtins + +Fixed an out-of-bounds read in the generic implementation of `mi_clz32` and `mi_ctz32` in the integrated mimalloc allocator. This bug could occur on platforms with 64-bit `unsigned long` values. Based on upstream fix from microsoft/mimalloc. From e127bd45231bccaba58e5a32732990deb2ff3d5c Mon Sep 17 00:00:00 2001 From: Vedant Ravindra Dhoke <66007382+vedant713@users.noreply.github.com> Date: Sat, 17 May 2025 16:12:46 -0400 Subject: [PATCH 4/9] 2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst --- .../2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst | 1 - 1 file changed, 1 deletion(-) diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst index 267bcef668f339..c7836ac7452c66 100644 --- a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst +++ b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst @@ -1,4 +1,3 @@ .. gh-issue: 134070 .. section: Core and Builtins - Fixed an out-of-bounds read in the generic implementation of `mi_clz32` and `mi_ctz32` in the integrated mimalloc allocator. This bug could occur on platforms with 64-bit `unsigned long` values. Based on upstream fix from microsoft/mimalloc. From f52a8819a13f4483ed6e61a3574a5453e7257761 Mon Sep 17 00:00:00 2001 From: Vedant Ravindra Dhoke <66007382+vedant713@users.noreply.github.com> Date: Sat, 17 May 2025 16:17:36 -0400 Subject: [PATCH 5/9] 2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst --- .../2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst index c7836ac7452c66..16f2b978187b2d 100644 --- a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst +++ b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst @@ -1,3 +1 @@ -.. gh-issue: 134070 -.. section: Core and Builtins -Fixed an out-of-bounds read in the generic implementation of `mi_clz32` and `mi_ctz32` in the integrated mimalloc allocator. This bug could occur on platforms with 64-bit `unsigned long` values. Based on upstream fix from microsoft/mimalloc. +Fixed an out-of-bounds read in the generic implementation of ``mi_clz32`` and ``mi_ctz32`` in the integrated mimalloc allocator. From eb1f908c5d0446483ef3b00a4fa69123afd12cc9 Mon Sep 17 00:00:00 2001 From: vedant713 <66007382+vedant713@users.noreply.github.com> Date: Sat, 17 May 2025 16:34:31 -0400 Subject: [PATCH 6/9] gh-134070: Add news entry for mi_clz32/mi_ctz32 out-of-bounds fix --- 2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst diff --git a/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst b/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst new file mode 100644 index 00000000000000..267bcef668f339 --- /dev/null +++ b/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst @@ -0,0 +1,4 @@ +.. gh-issue: 134070 +.. section: Core and Builtins + +Fixed an out-of-bounds read in the generic implementation of `mi_clz32` and `mi_ctz32` in the integrated mimalloc allocator. This bug could occur on platforms with 64-bit `unsigned long` values. Based on upstream fix from microsoft/mimalloc. From cbdb9b5f16858139aca386df090575322732328b Mon Sep 17 00:00:00 2001 From: Vedant Ravindra Dhoke <66007382+vedant713@users.noreply.github.com> Date: Sat, 17 May 2025 16:50:56 -0400 Subject: [PATCH 7/9] 2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst From 31ae4fac3c2dfcd32b027fd9570f7415346b524b Mon Sep 17 00:00:00 2001 From: Vedant Ravindra Dhoke <66007382+vedant713@users.noreply.github.com> Date: Sat, 17 May 2025 16:53:04 -0400 Subject: [PATCH 8/9] 2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst --- .../2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst index 16f2b978187b2d..7346e68350b526 100644 --- a/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst +++ b/Misc/NEWS.d/next/Core_and_Builtins/2025-05-17-16-45-00.gh-issue-134070.vdhoke.rst @@ -1 +1,4 @@ -Fixed an out-of-bounds read in the generic implementation of ``mi_clz32`` and ``mi_ctz32`` in the integrated mimalloc allocator. +.. gh-issue: 134070 +.. section: Core and Builtins + +Fixed an out-of-bounds read in the generic implementation of ``mi_clz32`` and ``mi_ctz32`` in the integrated mimalloc allocator. This bug could occur on platforms with 64-bit ``unsigned long`` values. Based on upstream fix from microsoft/mimalloc. From 0d2b415ca34cc88aaab0fdf6f06416fed3bd40db Mon Sep 17 00:00:00 2001 From: Vedant Ravindra Dhoke <66007382+vedant713@users.noreply.github.com> Date: Fri, 23 May 2025 20:58:44 -0400 Subject: [PATCH 9/9] Create placeholder for mkdtemp AppContainer fix --- Lib/tempfile.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Lib/tempfile.py b/Lib/tempfile.py index cadb0bed3cce3b..6ba64accd2b3bd 100644 --- a/Lib/tempfile.py +++ b/Lib/tempfile.py @@ -356,7 +356,7 @@ def mkstemp(suffix=None, prefix=None, dir=None, text=False): return _mkstemp_inner(dir, prefix, suffix, flags, output_type) - +# TODO: Suggest AppContainer mkdtemp fix def mkdtemp(suffix=None, prefix=None, dir=None): """User-callable function to create and return a unique temporary directory. The return value is the pathname of the directory.