Issue 38723: Pdb._runscript should use io.open_code() instead of open()

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/82904

classification

Title:	Pdb._runscript should use io.open_code() instead of open()
Type:	security	Stage:	resolved
Components:	Library (Lib)	Versions:	Python 3.9, Python 3.8

process

Status:	closed	Resolution:	fixed
Dependencies:		Superseder:
Assigned To:		Nosy List:	Jason.Killen, miss-islington, plokmijnuhby, steve.dower
Priority:	normal	Keywords:	patch

Created on 2019-11-06 16:05 by plokmijnuhby, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Pull Requests
URL	Status	Linked	Edit
PR 17127	merged	python-dev, 2019-11-12 15:34
PR 17135	merged	miss-islington, 2019-11-12 22:48

Messages (5)
msg356145 - (view)	Author: Dominic Littlewood (plokmijnuhby) *	Date: 2019-11-06 16:05
Fairly obviously, if you're using something called _runscript you're probably trying to run some code. To do this it has to open the script as a file. This is similar to two other issues I'm posting, but they're in different modules, so different bugs.
msg356264 - (view)	Author: Jason Killen (Jason.Killen) *	Date: 2019-11-08 21:02
I flipped through PEP 578 (Runtime Audit Hooks) and this seems like the type of situation that PEP 578 was trying to handle. I've got a change that seems to be working and can provide a PR or whatever once I remember/read up on doing that. (I'm a very seldom contributor and am more than happy to defer to those that know more than me.)
msg356500 - (view)	Author: Steve Dower (steve.dower) *	Date: 2019-11-12 22:42
New changeset d593881505c1f4acfd17f41312b27cc898451816 by Steve Dower (jsnklln) in branch 'master': bpo-38723: Pdb._runscript should use io.open_code() instead of open() (GH-17127) https://github.com/python/cpython/commit/d593881505c1f4acfd17f41312b27cc898451816
msg356502 - (view)	Author: Steve Dower (steve.dower) *	Date: 2019-11-12 22:49
Thanks for the PR!
msg356505 - (view)	Author: miss-islington (miss-islington)	Date: 2019-11-12 23:09
New changeset 0a8e7fde064c8fb6eb8e78752d4bcdab56643065 by Miss Islington (bot) in branch '3.8': bpo-38723: Pdb._runscript should use io.open_code() instead of open() (GH-17127) https://github.com/python/cpython/commit/0a8e7fde064c8fb6eb8e78752d4bcdab56643065

History
Date	User	Action	Args
2022-04-11 14:59:22	admin	set	github: 82904
2019-11-12 23:09:11	miss-islington	set	nosy: + miss-islington messages: + msg356505
2019-11-12 22:49:40	steve.dower	set	status: open -> closed versions: + Python 3.8 messages: + msg356502 resolution: fixed stage: patch review -> resolved
2019-11-12 22:48:48	miss-islington	set	pull_requests: + pull_request16645
2019-11-12 22:42:56	steve.dower	set	nosy: + steve.dower messages: + msg356500
2019-11-12 15:34:44	python-dev	set	keywords: + patch stage: patch review pull_requests: + pull_request16635
2019-11-08 21:02:40	Jason.Killen	set	nosy: + Jason.Killen messages: + msg356264
2019-11-06 16:05:59	plokmijnuhby	set	type: security components: + Library (Lib) versions: + Python 3.9
2019-11-06 16:05:27	plokmijnuhby	create