gh-87604: Avoid publishing list of active per-interpreter audit hooks via the gc module (GH-99373)

This commit is contained in:
Steve Dower 2022-11-14 21:39:18 +00:00 committed by GitHub
parent 3d9431983a
commit 4e4b13e8f6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 20 additions and 0 deletions

View File

@ -450,6 +450,17 @@ def hook(event, args):
syslog.closelog()
def test_not_in_gc():
import gc
hook = lambda *a: None
sys.addaudithook(hook)
for o in gc.get_objects():
if isinstance(o, list):
assert hook not in o
if __name__ == "__main__":
from test.support import suppress_msvcrt_asserts

View File

@ -222,6 +222,11 @@ def test_syslog(self):
('syslog.closelog', '', '')]
)
def test_not_in_gc(self):
returncode, _, stderr = self.run_python("test_not_in_gc")
if returncode:
self.fail(stderr)
if __name__ == "__main__":
unittest.main()

View File

@ -0,0 +1,2 @@
Avoid publishing list of active per-interpreter audit hooks via the
:mod:`gc` module

View File

@ -431,6 +431,8 @@ sys_addaudithook_impl(PyObject *module, PyObject *hook)
if (interp->audit_hooks == NULL) {
return NULL;
}
/* Avoid having our list of hooks show up in the GC module */
PyObject_GC_UnTrack(interp->audit_hooks);
}
if (PyList_Append(interp->audit_hooks, hook) < 0) {